Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035754?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "type": "deb", "namespace": "debian", "name": "curl", "version": "7.38.0-4+deb8u11", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "7.88.1-10+deb12u7", "latest_non_vulnerable_version": "8.18.0-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49272?format=api", "vulnerability_id": "VCID-1k8f-qgcv-xkhb", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27782.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27782.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64546", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64552", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.6454", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64512", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64484", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64515", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64472", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.6452", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64536", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27782" }, { "reference_url": "https://curl.se/docs/CVE-2022-27782.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27782.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1555796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1555796" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082215", "reference_id": "2082215", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082215" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-27782" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1k8f-qgcv-xkhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49714?format=api", "vulnerability_id": "VCID-1mf9-u8y1-zbb1", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow attackers to bypass intended restrictions.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70084", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7019", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70135", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70175", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7016", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70147", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70096", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70111", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000101" }, { "reference_url": "https://curl.haxx.se/docs/adv_20170809A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20170809A.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000101.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/HT208221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208221" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "http://www.securityfocus.com/bid/100249", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100249" }, { "reference_url": "http://www.securitytracker.com/id/1039117", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039117" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478309", "reference_id": "1478309", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478309" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554", "reference_id": "871554", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101", "reference_id": "CVE-2017-1000101", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000101" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1mf9-u8y1-zbb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49715?format=api", "vulnerability_id": "VCID-26ju-84rx-c7b9", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow attackers to bypass intended restrictions.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51472", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51614", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51563", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.5156", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51583", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51572", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51523", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51549", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51509", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407" }, { "reference_url": "https://curl.se/docs/CVE-2017-7407.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-7407.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:P/I:N/A:N" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190", "reference_id": "1439190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500", "reference_id": "859500", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407", "reference_id": "CVE-2017-7407", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2017-7407" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-26ju-84rx-c7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34392?format=api", "vulnerability_id": "VCID-29n1-4u2b-tkgj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31828", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31967", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32009", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31909", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31913", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37101", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37148", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16842" }, { "reference_url": "https://curl.se/docs/CVE-2018-16842.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16842.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644124", "reference_id": "1644124", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644124" }, { "reference_url": "https://security.archlinux.org/ASA-201811-4", "reference_id": "ASA-201811-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-4" }, { "reference_url": "https://security.archlinux.org/AVG-795", "reference_id": "AVG-795", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-795" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2181", "reference_id": "RHSA-2019:2181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2181" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "USN-3805-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3805-1/" }, { "reference_url": "https://usn.ubuntu.com/3805-2/", "reference_id": "USN-3805-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3805-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-16842" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29n1-4u2b-tkgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47223?format=api", "vulnerability_id": "VCID-2b39-ubrt-hkc6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11139", "scoring_system": "epss", "scoring_elements": "0.93439", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11139", "scoring_system": "epss", "scoring_elements": "0.93473", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.11139", "scoring_system": "epss", "scoring_elements": "0.93467", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11139", "scoring_system": "epss", "scoring_elements": "0.93464", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11139", "scoring_system": "epss", "scoring_elements": "0.93456", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11139", "scoring_system": "epss", "scoring_elements": "0.93447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11139", "scoring_system": "epss", "scoring_elements": "0.93455", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13273", "scoring_system": "epss", "scoring_elements": "0.94177", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.13273", "scoring_system": "epss", "scoring_elements": "0.94161", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5436" }, { "reference_url": "https://curl.se/docs/CVE-2019-5436.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5436.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/550696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/550696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", "reference_id": "1710620", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710620" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351", "reference_id": "929351", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351" }, { "reference_url": "https://security.archlinux.org/ASA-201905-11", "reference_id": "ASA-201905-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-11" }, { "reference_url": "https://security.archlinux.org/ASA-201905-12", "reference_id": "ASA-201905-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-12" }, { "reference_url": "https://security.archlinux.org/ASA-201905-13", "reference_id": "ASA-201905-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-13" }, { "reference_url": "https://security.archlinux.org/ASA-201905-14", "reference_id": "ASA-201905-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-14" }, { "reference_url": "https://security.archlinux.org/ASA-201905-15", "reference_id": "ASA-201905-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-15" }, { "reference_url": "https://security.archlinux.org/ASA-201905-16", "reference_id": "ASA-201905-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-16" }, { "reference_url": "https://security.archlinux.org/AVG-959", "reference_id": "AVG-959", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-959" }, { "reference_url": "https://security.archlinux.org/AVG-960", "reference_id": "AVG-960", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-960" }, { "reference_url": "https://security.archlinux.org/AVG-961", "reference_id": "AVG-961", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-961" }, { "reference_url": "https://security.archlinux.org/AVG-962", "reference_id": "AVG-962", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-962" }, { "reference_url": "https://security.archlinux.org/AVG-963", "reference_id": "AVG-963", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-963" }, { "reference_url": "https://security.archlinux.org/AVG-964", "reference_id": "AVG-964", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-964" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1020", "reference_id": "RHSA-2020:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1792", "reference_id": "RHSA-2020:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2505", "reference_id": "RHSA-2020:2505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2505" }, { "reference_url": "https://usn.ubuntu.com/3993-1/", "reference_id": "USN-3993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-1/" }, { "reference_url": "https://usn.ubuntu.com/3993-2/", "reference_id": "USN-3993-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2019-5436" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2b39-ubrt-hkc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49279?format=api", "vulnerability_id": "VCID-2xmp-jc8v-bucb", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43804", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43787", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43779", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43736", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52356", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52298", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52348", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52332", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52318", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252" }, { "reference_url": "https://curl.se/docs/CVE-2022-35252.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-35252.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1613943", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://hackerone.com/reports/1613943" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831", "reference_id": "1018831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/21" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718", "reference_id": "2120718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213603", "reference_id": "HT213603", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213603" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220930-0005/", "reference_id": "ntap-20220930-0005", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220930-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2478", "reference_id": "RHSA-2023:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2963", "reference_id": "RHSA-2023:2963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5587-1/", "reference_id": "USN-5587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-35252" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2xmp-jc8v-bucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49716?format=api", "vulnerability_id": "VCID-36n6-qanf-nue8", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow attackers to bypass intended restrictions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65949", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66059", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65991", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66019", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66048", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66067", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66054", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66024", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7468" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7468" }, { "reference_url": "https://curl.haxx.se/docs/adv_20170419.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20170419.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-7468.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-7468.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/97962", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97962" }, { "reference_url": "http://www.securitytracker.com/id/1038341", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038341" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443381", "reference_id": "1443381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443381" }, { "reference_url": "https://security.archlinux.org/ASA-201704-12", "reference_id": "ASA-201704-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201704-12" }, { "reference_url": "https://security.archlinux.org/AVG-180", "reference_id": "AVG-180", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-180" }, { "reference_url": "https://security.archlinux.org/AVG-181", "reference_id": "AVG-181", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-181" }, { "reference_url": "https://security.archlinux.org/AVG-183", "reference_id": "AVG-183", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-183" }, { "reference_url": "https://security.archlinux.org/AVG-184", "reference_id": "AVG-184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-184" }, { "reference_url": "https://security.archlinux.org/AVG-241", "reference_id": "AVG-241", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-241" }, { "reference_url": "https://security.archlinux.org/AVG-243", "reference_id": "AVG-243", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-243" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468", "reference_id": "CVE-2017-7468", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3262-1/", "reference_id": "USN-3262-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3262-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2017-7468" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36n6-qanf-nue8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49266?format=api", "vulnerability_id": "VCID-3sy2-4f3g-zkac", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53851", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53847", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.5383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53814", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53749", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53775", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53748", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53801", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53799", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774" }, { "reference_url": "https://curl.se/docs/CVE-2022-27774.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27774.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1543773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1543773" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254", "reference_id": "1010254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547", "reference_id": "2077547", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-27774" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3sy2-4f3g-zkac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57268?format=api", "vulnerability_id": "VCID-47qb-2qkw-1qej", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53057", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52966", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52991", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52959", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53009", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53003", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53052", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53037", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.5302", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28321" }, { "reference_url": "https://curl.se/docs/CVE-2023-28321.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28321.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1950627", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://hackerone.com/reports/1950627" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786", "reference_id": "2196786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "reference_id": "F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4354", "reference_id": "RHSA-2023:4354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4523", "reference_id": "RHSA-2023:4523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5598", "reference_id": "RHSA-2023:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6292", "reference_id": "RHSA-2023:6292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6292" }, { "reference_url": "https://usn.ubuntu.com/6237-1/", "reference_id": "USN-6237-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-1/" }, { "reference_url": "https://usn.ubuntu.com/6237-3/", "reference_id": "USN-6237-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "reference_id": "Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-28321" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47qb-2qkw-1qej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34703?format=api", "vulnerability_id": "VCID-5jan-pqf6-fyhr", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81845", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81947", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81901", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81927", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81915", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81911", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81856", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81879", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81875", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8622" }, { "reference_url": "https://curl.se/docs/CVE-2016-8622.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8622.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388386", "reference_id": "1388386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388386" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8622" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jan-pqf6-fyhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34390?format=api", "vulnerability_id": "VCID-5n7a-9j23-e7dj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52577", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52647", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.5262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52613", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52664", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52659", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58527", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58515", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16839" }, { "reference_url": "https://curl.se/docs/CVE-2018-16839.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16839.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642201", "reference_id": "1642201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642201" }, { "reference_url": "https://security.archlinux.org/ASA-201811-7", "reference_id": "ASA-201811-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-7" }, { "reference_url": "https://security.archlinux.org/ASA-201811-8", "reference_id": "ASA-201811-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-8" }, { "reference_url": "https://security.archlinux.org/ASA-201811-9", "reference_id": "ASA-201811-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-9" }, { "reference_url": "https://security.archlinux.org/AVG-796", "reference_id": "AVG-796", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-796" }, { "reference_url": "https://security.archlinux.org/AVG-797", "reference_id": "AVG-797", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-797" }, { "reference_url": "https://security.archlinux.org/AVG-798", "reference_id": "AVG-798", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-798" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "USN-3805-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3805-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-16839" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5n7a-9j23-e7dj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34697?format=api", "vulnerability_id": "VCID-6muy-xpdq-9kg8", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88617", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88635", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.8864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88645", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616" }, { "reference_url": "https://curl.se/docs/CVE-2016-8616.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8616.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371", "reference_id": "1388371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8616" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6muy-xpdq-9kg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49700?format=api", "vulnerability_id": "VCID-6yb7-t8qs-cbch", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87259", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87302", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88245", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88227", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88238", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88231", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000007.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", "reference_id": "1537125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125" }, { "reference_url": "https://security.archlinux.org/ASA-201801-20", "reference_id": "ASA-201801-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-20" }, { "reference_url": "https://security.archlinux.org/ASA-201801-22", "reference_id": "ASA-201801-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-22" }, { "reference_url": "https://security.archlinux.org/ASA-201801-23", "reference_id": "ASA-201801-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-23" }, { "reference_url": "https://security.archlinux.org/ASA-201801-24", "reference_id": "ASA-201801-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-24" }, { "reference_url": "https://security.archlinux.org/ASA-201801-25", "reference_id": "ASA-201801-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-25" }, { "reference_url": "https://security.archlinux.org/ASA-201801-26", "reference_id": "ASA-201801-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-26" }, { "reference_url": "https://security.archlinux.org/AVG-593", "reference_id": "AVG-593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-593" }, { "reference_url": "https://security.archlinux.org/AVG-594", "reference_id": "AVG-594", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-594" }, { "reference_url": "https://security.archlinux.org/AVG-595", "reference_id": "AVG-595", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-595" }, { "reference_url": "https://security.archlinux.org/AVG-596", "reference_id": "AVG-596", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-596" }, { "reference_url": "https://security.archlinux.org/AVG-597", "reference_id": "AVG-597", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-597" }, { "reference_url": "https://security.archlinux.org/AVG-598", "reference_id": "AVG-598", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-598" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" }, { "reference_url": "https://usn.ubuntu.com/3554-1/", "reference_id": "USN-3554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-1/" }, { "reference_url": "https://usn.ubuntu.com/3554-2/", "reference_id": "USN-3554-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000007" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6yb7-t8qs-cbch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74464?format=api", "vulnerability_id": "VCID-75nw-4e2d-zqgg", "summary": "curl: libcurl: ASN.1 date parser overread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73978", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73973", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75437", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75409", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75429", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75407", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75396", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/31/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656", "reference_id": "1077656", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "reference_id": "2301888", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888" }, { "reference_url": "https://hackerone.com/reports/2629968", "reference_id": "2629968", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://hackerone.com/reports/2629968" }, { "reference_url": "https://curl.se/docs/CVE-2024-7264.html", "reference_id": "CVE-2024-7264.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://curl.se/docs/CVE-2024-7264.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-7264.json", "reference_id": "CVE-2024-7264.json", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://curl.se/docs/CVE-2024-7264.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7726", "reference_id": "RHSA-2024:7726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://usn.ubuntu.com/6944-1/", "reference_id": "USN-6944-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6944-1/" }, { "reference_url": "https://usn.ubuntu.com/6944-2/", "reference_id": "USN-6944-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6944-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2024-7264" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75nw-4e2d-zqgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34393?format=api", "vulnerability_id": "VCID-79sv-kzb5-hbc4", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94879", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94923", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94888", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94891", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94893", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94902", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94907", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94911", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94913", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16566", "scoring_system": "epss", "scoring_elements": "0.94916", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3822.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://curl.se/docs/CVE-2019-3822.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190719-0004/" }, { "reference_url": "https://support.f5.com/csp/article/K84141449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K84141449" }, { "reference_url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", "reference_id": "1670254", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670254" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*", "reference_id": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*", "reference_id": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822", "reference_id": "CVE-2019-3822", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "USN-3882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2019-3822" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79sv-kzb5-hbc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80714?format=api", "vulnerability_id": "VCID-7c8e-eaqy-akeu", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.9296", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92922", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.9293", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92933", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92941", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92945", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.9295", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92949", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153" }, { "reference_url": "https://curl.se/docs/CVE-2015-3153.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3153.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341", "reference_id": "1217341", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3153" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7c8e-eaqy-akeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16993?format=api", "vulnerability_id": "VCID-7srk-hshe-h3f4", "summary": "Improper Authentication\nAn authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03579", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03588", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03574", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05545", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05601", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05595", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27538" }, { "reference_url": "https://curl.se/docs/CVE-2023-27538.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27538.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1898475", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://hackerone.com/reports/1898475" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179103", "reference_id": "2179103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179103" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538", "reference_id": "CVE-2023-27538", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-27538" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "6.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7srk-hshe-h3f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49308?format=api", "vulnerability_id": "VCID-7vt9-pf5q-uqb6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0594" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02712", "scoring_system": "epss", "scoring_elements": "0.85931", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.85984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.85957", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.85968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.8602", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86025", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86027", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86013", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86003", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-b138.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2018-b138.html" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000301.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000301.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html" }, { "reference_url": "https://usn.ubuntu.com/3598-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-2/" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4202" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/104225", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104225" }, { "reference_url": "http://www.securitytracker.com/id/1040931", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575536", "reference_id": "1575536", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575536" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856", "reference_id": "898856", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856" }, { "reference_url": "https://security.archlinux.org/ASA-201805-13", "reference_id": "ASA-201805-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-13" }, { "reference_url": "https://security.archlinux.org/ASA-201805-14", "reference_id": "ASA-201805-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-14" }, { "reference_url": "https://security.archlinux.org/ASA-201805-15", "reference_id": "ASA-201805-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-15" }, { "reference_url": "https://security.archlinux.org/ASA-201805-16", "reference_id": "ASA-201805-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-16" }, { "reference_url": "https://security.archlinux.org/ASA-201805-17", "reference_id": "ASA-201805-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-17" }, { "reference_url": "https://security.archlinux.org/ASA-201805-18", "reference_id": "ASA-201805-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-18" }, { "reference_url": "https://security.archlinux.org/AVG-694", "reference_id": "AVG-694", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-694" }, { "reference_url": "https://security.archlinux.org/AVG-695", "reference_id": "AVG-695", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-695" }, { "reference_url": "https://security.archlinux.org/AVG-696", "reference_id": "AVG-696", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-696" }, { "reference_url": "https://security.archlinux.org/AVG-697", "reference_id": "AVG-697", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-697" }, { "reference_url": "https://security.archlinux.org/AVG-698", "reference_id": "AVG-698", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-698" }, { "reference_url": "https://security.archlinux.org/AVG-699", "reference_id": "AVG-699", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-699" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301", "reference_id": "CVE-2018-1000301", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301" }, { "reference_url": "https://security.gentoo.org/glsa/201806-05", "reference_id": "GLSA-201806-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201806-05" }, { "reference_url": "https://usn.ubuntu.com/3648-1/", "reference_id": "USN-3648-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3648-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000301" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vt9-pf5q-uqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34691?format=api", "vulnerability_id": "VCID-7xxh-66ys-4bhw", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83461", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.8356", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83529", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83488", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83487", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83511", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83521", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83535", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419" }, { "reference_url": "https://curl.se/docs/CVE-2016-5419.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5419.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183", "reference_id": "1362183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-5419" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xxh-66ys-4bhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34391?format=api", "vulnerability_id": "VCID-9cbd-x468-rkaw", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.451", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.5382", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53718", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53717", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.5377", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53767", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53815", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53798", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53783", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16840" }, { "reference_url": "https://curl.se/docs/CVE-2018-16840.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16840.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642203", "reference_id": "1642203", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642203" }, { "reference_url": "https://security.archlinux.org/ASA-201811-4", "reference_id": "ASA-201811-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-4" }, { "reference_url": "https://security.archlinux.org/ASA-201811-5", "reference_id": "ASA-201811-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-5" }, { "reference_url": "https://security.archlinux.org/ASA-201811-6", "reference_id": "ASA-201811-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-6" }, { "reference_url": "https://security.archlinux.org/ASA-201811-7", "reference_id": "ASA-201811-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-7" }, { "reference_url": "https://security.archlinux.org/ASA-201811-8", "reference_id": "ASA-201811-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-8" }, { "reference_url": "https://security.archlinux.org/ASA-201811-9", "reference_id": "ASA-201811-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-9" }, { "reference_url": "https://security.archlinux.org/AVG-795", "reference_id": "AVG-795", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-795" }, { "reference_url": "https://security.archlinux.org/AVG-796", "reference_id": "AVG-796", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-796" }, { "reference_url": "https://security.archlinux.org/AVG-797", "reference_id": "AVG-797", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-797" }, { "reference_url": "https://security.archlinux.org/AVG-798", "reference_id": "AVG-798", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-798" }, { "reference_url": "https://security.archlinux.org/AVG-799", "reference_id": "AVG-799", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-799" }, { "reference_url": "https://security.archlinux.org/AVG-800", "reference_id": "AVG-800", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-800" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "USN-3805-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3805-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-16840" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9cbd-x468-rkaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57259?format=api", "vulnerability_id": "VCID-9ggp-5wfj-ufcq", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42409", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42428", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42458", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42397", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42447", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42455", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42477", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.4244", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43552" }, { "reference_url": "https://curl.se/docs/CVE-2022-43552.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-43552.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1764858", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://hackerone.com/reports/1764858" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830", "reference_id": "1026830", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Mar/17", "reference_id": "17", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652", "reference_id": "2152652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213670", "reference_id": "HT213670", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://support.apple.com/kb/HT213670" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230214-0002/", "reference_id": "ntap-20230214-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230214-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2478", "reference_id": "RHSA-2023:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2963", "reference_id": "RHSA-2023:2963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7743", "reference_id": "RHSA-2023:7743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5788-1/", "reference_id": "USN-5788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5788-1/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-43552" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ggp-5wfj-ufcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49278?format=api", "vulnerability_id": "VCID-9nak-pscy-e7gs", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01681", "scoring_system": "epss", "scoring_elements": "0.82218", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01681", "scoring_system": "epss", "scoring_elements": "0.82185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01681", "scoring_system": "epss", "scoring_elements": "0.82179", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02591", "scoring_system": "epss", "scoring_elements": "0.8553", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02591", "scoring_system": "epss", "scoring_elements": "0.85547", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02753", "scoring_system": "epss", "scoring_elements": "0.85998", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02753", "scoring_system": "epss", "scoring_elements": "0.86012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02753", "scoring_system": "epss", "scoring_elements": "0.85988", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02753", "scoring_system": "epss", "scoring_elements": "0.85969", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221" }, { "reference_url": "https://curl.se/docs/CVE-2022-32221.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32221.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1704017", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://hackerone.com/reports/1704017" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", "reference_id": "2135411", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/05/17/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5330", "reference_id": "dsa-5330", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230110-0006/", "reference_id": "ntap-20230110-0006", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230208-0002/", "reference_id": "ntap-20230208-0002", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0333", "reference_id": "RHSA-2023:0333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4139", "reference_id": "RHSA-2023:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4139" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" }, { "reference_url": "https://usn.ubuntu.com/5702-2/", "reference_id": "USN-5702-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-2/" }, { "reference_url": "https://usn.ubuntu.com/5823-1/", "reference_id": "USN-5823-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5823-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-32221" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9nak-pscy-e7gs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34694?format=api", "vulnerability_id": "VCID-a3v7-ptf1-6qgd", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7141.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7141.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66857", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66895", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66921", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66943", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66957", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66977", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66963", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66932", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66964", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7141" }, { "reference_url": "https://curl.se/docs/CVE-2016-7141.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-7141.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7141", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7141" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373229", "reference_id": "1373229", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373229" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836918", "reference_id": "836918", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836918" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-7141" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3v7-ptf1-6qgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47222?format=api", "vulnerability_id": "VCID-ac6r-spds-qbf5", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5435.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5435.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38366", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38402", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38449", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38464", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38503", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38528", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.3839", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5435" }, { "reference_url": "https://curl.se/docs/CVE-2019-5435.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5435.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435" }, { "reference_url": "https://hackerone.com/reports/547630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/547630" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609", "reference_id": "1710609", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929352", "reference_id": "929352", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929352" }, { "reference_url": "https://security.archlinux.org/ASA-201905-13", "reference_id": "ASA-201905-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-13" }, { "reference_url": "https://security.archlinux.org/ASA-201905-14", "reference_id": "ASA-201905-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-14" }, { "reference_url": "https://security.archlinux.org/ASA-201905-15", "reference_id": "ASA-201905-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-15" }, { "reference_url": "https://security.archlinux.org/AVG-961", "reference_id": "AVG-961", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-961" }, { "reference_url": "https://security.archlinux.org/AVG-962", "reference_id": "AVG-962", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-962" }, { "reference_url": "https://security.archlinux.org/AVG-963", "reference_id": "AVG-963", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-963" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4383", "reference_id": "RHSA-2020:4383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4384", "reference_id": "RHSA-2020:4384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "reference_url": "https://usn.ubuntu.com/3993-1/", "reference_id": "USN-3993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2019-5435" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ac6r-spds-qbf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59713?format=api", "vulnerability_id": "VCID-ae59-w7a1-7keg", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01178", "scoring_system": "epss", "scoring_elements": "0.78736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01178", "scoring_system": "epss", "scoring_elements": "0.78727", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01318", "scoring_system": "epss", "scoring_elements": "0.79891", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80036", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80043", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80064", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80053", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80081", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80089", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80109", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254" }, { "reference_url": "https://curl.haxx.se/673d0cd8.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/673d0cd8.patch" }, { "reference_url": "https://curl.haxx.se/docs/adv_20171004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20171004.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000254.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000254.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://support.apple.com/HT208331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208331" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "http://www.securityfocus.com/bid/101115", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101115" }, { "reference_url": "http://www.securitytracker.com/id/1039509", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039509" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541", "reference_id": "1495541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671", "reference_id": "877671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671" }, { "reference_url": "https://security.archlinux.org/ASA-201710-2", "reference_id": "ASA-201710-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-2" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://security.archlinux.org/AVG-422", "reference_id": "AVG-422", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-422" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000254", "reference_id": "CVE-2017-1000254", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000254" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000254" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ae59-w7a1-7keg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57263?format=api", "vulnerability_id": "VCID-arjz-67yz-wkg9", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40463", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40439", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40465", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.4044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40451", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40472", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40434", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40415", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533" }, { "reference_url": "https://curl.se/docs/CVE-2023-27533.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27533.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1891474", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://hackerone.com/reports/1891474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062", "reference_id": "2179062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0011/", "reference_id": "ntap-20230420-0011", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-27533" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-arjz-67yz-wkg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34689?format=api", "vulnerability_id": "VCID-b2ef-zj3u-rbhy", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://curl.haxx.se/docs/adv_20160127A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://curl.haxx.se/docs/adv_20160127A.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html" }, { "reference_url": "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61492", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61452", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61326", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61447", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61463", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61484", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0755" }, { "reference_url": "https://curl.se/docs/CVE-2016-0755.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-0755.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755" }, { "reference_url": "https://support.apple.com/HT207170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT207170" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3455", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3455" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/82307", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82307" }, { "reference_url": "http://www.securitytracker.com/id/1034882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034882" }, { "reference_url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2882-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2882-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302263", "reference_id": "1302263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302263" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0755", "reference_id": "CVE-2016-0755", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0755" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/2882-1/", "reference_id": "USN-2882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-0755" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2ef-zj3u-rbhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49271?format=api", "vulnerability_id": "VCID-bb2f-7qrm-1kca", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27781.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27781.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23006", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23049", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22992", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23104", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23149", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2294", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23066", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27781" }, { "reference_url": "https://curl.se/docs/CVE-2022-27781.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27781.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1555441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1555441" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082204", "reference_id": "2082204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082204" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" }, { "reference_url": "https://usn.ubuntu.com/5499-1/", "reference_id": "USN-5499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-27781" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bb2f-7qrm-1kca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11278?format=api", "vulnerability_id": "VCID-bdy2-8gub-tfe6", "summary": "Double Free\nWhen sending data to an MQTT server, libcurl could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57605", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57712", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57748", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57738", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57759", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57743", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57741", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.5769", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57686", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22945" }, { "reference_url": "https://curl.se/docs/CVE-2021-22945.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22945.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1269242", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://hackerone.com/reports/1269242" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001527", "reference_id": "2001527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001527" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Mar/29", "reference_id": "29", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", "reference_id": "APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945", "reference_id": "CVE-2021-22945", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213183", "reference_id": "HT213183", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://support.apple.com/kb/HT213183" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211029-0003/", "reference_id": "ntap-20211029-0003", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", "reference_id": "RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2021-22945" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bdy2-8gub-tfe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34693?format=api", "vulnerability_id": "VCID-bgtv-jrna-9yb3", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5421.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5421.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79647", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79723", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79702", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79695", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79675", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79661", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.7969", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79718", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5421" }, { "reference_url": "https://curl.se/docs/CVE-2016-5421.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5421.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362199", "reference_id": "1362199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362199" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-5421" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgtv-jrna-9yb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59715?format=api", "vulnerability_id": "VCID-bhvd-ntxz-dkg4", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63733", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63829", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63846", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.6386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63812", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8816" }, { "reference_url": "https://curl.haxx.se/docs/adv_2017-12e7.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2017-12e7.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-8816.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8816.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817" }, { "reference_url": "http://security.cucumberlinux.com/security/details.php?id=161", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.cucumberlinux.com/security/details.php?id=161" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4051" }, { "reference_url": "http://www.securityfocus.com/bid/101998", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101998" }, { "reference_url": "http://www.securitytracker.com/id/1039896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039896" }, { "reference_url": "http://www.securitytracker.com/id/1040608", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040608" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515757", "reference_id": "1515757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515757" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-527", "reference_id": "AVG-527", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-527" }, { "reference_url": "https://security.archlinux.org/AVG-528", "reference_id": "AVG-528", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-528" }, { "reference_url": "https://security.archlinux.org/AVG-529", "reference_id": "AVG-529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-529" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816", "reference_id": "CVE-2017-8816", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3498-1/", "reference_id": "USN-3498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-8816" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bhvd-ntxz-dkg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49701?format=api", "vulnerability_id": "VCID-bv57-gvfs-qfhj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86848", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86919", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86877", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.869", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86913", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86908", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86902", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000121" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000121.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000121.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552631", "reference_id": "1552631", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552631" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000121" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv57-gvfs-qfhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34704?format=api", "vulnerability_id": "VCID-c6dk-7gj6-7far", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74617", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74699", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74621", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74647", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74653", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74667", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.7469", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.7467", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74662", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8623" }, { "reference_url": "https://curl.se/docs/CVE-2016-8623.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8623.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388388", "reference_id": "1388388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388388" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8623" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6dk-7gj6-7far" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16997?format=api", "vulnerability_id": "VCID-cbah-e86c-w3fj", "summary": "Improper Authentication\nAn authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20226", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20386", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20446", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2017", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20251", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20311", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20341", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20295", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20236", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27535" }, { "reference_url": "https://curl.se/docs/CVE-2023-27535.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27535.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1892780", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://hackerone.com/reports/1892780" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179073", "reference_id": "2179073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179073" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535", "reference_id": "CVE-2023-27535", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2650", "reference_id": "RHSA-2023:2650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3106", "reference_id": "RHSA-2023:3106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-27535" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbah-e86c-w3fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49702?format=api", "vulnerability_id": "VCID-cbph-fu9d-gbah", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83368", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.8347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83381", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83396", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.8342", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.8343", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83439", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83435", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000122" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000122.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000122.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", "reference_id": "1553398", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553398" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000122" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbph-fu9d-gbah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46198?format=api", "vulnerability_id": "VCID-cp4n-p2z3-43b4", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in information disclosure or data loss.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05444", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05476", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05545", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05532", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05479", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05514", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05549", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0557", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8177" }, { "reference_url": "https://curl.se/docs/CVE-2020-8177.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8177.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/887462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/887462" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847915", "reference_id": "1847915", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847915" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281", "reference_id": "965281", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281" }, { "reference_url": "https://security.archlinux.org/AVG-1194", "reference_id": "AVG-1194", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1194" }, { "reference_url": "https://security.gentoo.org/glsa/202007-16", "reference_id": "GLSA-202007-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4599", "reference_id": "RHSA-2020:4599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5002", "reference_id": "RHSA-2020:5002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5417", "reference_id": "RHSA-2020:5417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4402-1/", "reference_id": "USN-4402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4402-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2020-8177" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cp4n-p2z3-43b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15716?format=api", "vulnerability_id": "VCID-dgtq-eaav-jyhf", "summary": "Out-of-bounds Write\nA buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3157", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0544", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0594", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0594" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81402", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81302", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81312", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81334", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81361", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81387", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81372", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81365", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000120" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-9cd6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://curl.haxx.se/docs/adv_2018-9cd6.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/coapp-packages/curl", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/coapp-packages/curl" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html" }, { "reference_url": "https://usn.ubuntu.com/3598-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3598-1" }, { "reference_url": "https://usn.ubuntu.com/3598-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-1/" }, { "reference_url": "https://usn.ubuntu.com/3598-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3598-2" }, { "reference_url": "https://usn.ubuntu.com/3598-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-2/" }, { "reference_url": "https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531" }, { "reference_url": "https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4136", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4136" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", "reference_id": "1552628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", "reference_id": "CVE-2018-1000120", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000120.html", "reference_id": "CVE-2018-1000120.HTML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000120.html" }, { "reference_url": "https://github.com/advisories/GHSA-674j-7m97-j2p9", "reference_id": "GHSA-674j-7m97-j2p9", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-674j-7m97-j2p9" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000120", "GHSA-674j-7m97-j2p9" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgtq-eaav-jyhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47224?format=api", "vulnerability_id": "VCID-dhrf-2sz5-3bhf", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86623", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86617", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.8661", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04042", "scoring_system": "epss", "scoring_elements": "0.88452", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04042", "scoring_system": "epss", "scoring_elements": "0.8846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04042", "scoring_system": "epss", "scoring_elements": "0.88476", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04042", "scoring_system": "epss", "scoring_elements": "0.88479", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04042", "scoring_system": "epss", "scoring_elements": "0.88497", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04042", "scoring_system": "epss", "scoring_elements": "0.88503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04042", "scoring_system": "epss", "scoring_elements": "0.88514", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5481" }, { "reference_url": "https://curl.se/docs/CVE-2019-5481.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5481.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/686823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/686823" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749402", "reference_id": "1749402", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749402" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940009", "reference_id": "940009", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940009" }, { "reference_url": "https://security.archlinux.org/AVG-1982", "reference_id": "AVG-1982", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1982" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0250", "reference_id": "RHSA-2020:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1792", "reference_id": "RHSA-2020:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1792" }, { "reference_url": "https://usn.ubuntu.com/4129-1/", "reference_id": "USN-4129-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2019-5481" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dhrf-2sz5-3bhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59718?format=api", "vulnerability_id": "VCID-drkp-q9r5-ukcm", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8818.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68167", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.6819", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68236", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68207", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72682", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72666", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72639", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8818" }, { "reference_url": "https://curl.haxx.se/docs/adv_2017-af0a.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2017-af0a.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-8818.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8818.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818" }, { "reference_url": "http://security.cucumberlinux.com/security/details.php?id=163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.cucumberlinux.com/security/details.php?id=163" }, { "reference_url": "http://www.securityfocus.com/bid/102014", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102014" }, { "reference_url": "http://www.securitytracker.com/id/1039898", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039898" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517691", "reference_id": "1517691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517691" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-527", "reference_id": "AVG-527", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-527" }, { "reference_url": "https://security.archlinux.org/AVG-528", "reference_id": "AVG-528", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-528" }, { "reference_url": "https://security.archlinux.org/AVG-529", "reference_id": "AVG-529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-529" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.56.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.56.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.56.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.56.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.56.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.56.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818", "reference_id": "CVE-2017-8818", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-8818" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-drkp-q9r5-ukcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34705?format=api", "vulnerability_id": "VCID-e58m-g37d-9fd6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80023", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80102", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.8003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80042", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80069", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80098", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80082", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80073", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624" }, { "reference_url": "https://curl.se/docs/CVE-2016-8624.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8624.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390", "reference_id": "1388390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8624" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e58m-g37d-9fd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34690?format=api", "vulnerability_id": "VCID-eap9-v2gp-fqgh", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3739.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77748", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77711", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77652", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77659", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77686", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77669", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77696", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77702", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77728", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3739" }, { "reference_url": "https://curl.haxx.se/changes.html#7_49_0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/changes.html#7_49_0" }, { "reference_url": "https://curl.haxx.se/CVE-2016-3739.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/CVE-2016-3739.patch" }, { "reference_url": "https://curl.haxx.se/docs/adv_20160518.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20160518.html" }, { "reference_url": "https://curl.se/docs/CVE-2016-3739.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-3739.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/4" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/90726", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90726" }, { "reference_url": "http://www.securitytracker.com/id/1035907", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035907" }, { "reference_url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.495349", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.495349" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335430", "reference_id": "1335430", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335430" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3739", "reference_id": "CVE-2016-3739", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3739" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-3739" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eap9-v2gp-fqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34707?format=api", "vulnerability_id": "VCID-fnj3-2du1-4bhx", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.75492", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.7559", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.75494", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.75525", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.75506", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.75548", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.75557", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00891", "scoring_system": "epss", "scoring_elements": "0.75578", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161221A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20161221A.html" }, { "reference_url": "https://curl.se/docs/CVE-2016-9586.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9586.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/95019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95019" }, { "reference_url": "http://www.securitytracker.com/id/1037515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712", "reference_id": "1406712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958", "reference_id": "848958", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958" }, { "reference_url": "https://security.archlinux.org/ASA-201612-22", "reference_id": "ASA-201612-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-22" }, { "reference_url": "https://security.archlinux.org/ASA-201701-10", "reference_id": "ASA-201701-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-10" }, { "reference_url": "https://security.archlinux.org/ASA-201701-11", "reference_id": "ASA-201701-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-11" }, { "reference_url": "https://security.archlinux.org/ASA-201701-7", "reference_id": "ASA-201701-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-7" }, { "reference_url": "https://security.archlinux.org/ASA-201701-8", "reference_id": "ASA-201701-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-8" }, { "reference_url": "https://security.archlinux.org/ASA-201701-9", "reference_id": "ASA-201701-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-9" }, { "reference_url": "https://security.archlinux.org/AVG-112", "reference_id": "AVG-112", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-112" }, { "reference_url": "https://security.archlinux.org/AVG-113", "reference_id": "AVG-113", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-113" }, { "reference_url": "https://security.archlinux.org/AVG-114", "reference_id": "AVG-114", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-114" }, { "reference_url": "https://security.archlinux.org/AVG-115", "reference_id": "AVG-115", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-115" }, { "reference_url": "https://security.archlinux.org/AVG-116", "reference_id": "AVG-116", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-116" }, { "reference_url": "https://security.archlinux.org/AVG-117", "reference_id": "AVG-117", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-117" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9586", "reference_id": "CVE-2016-9586", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9586" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-9586" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fnj3-2du1-4bhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94431?format=api", "vulnerability_id": "VCID-fnr7-xb26-dbez", "summary": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-19909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04279", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04329", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04307", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04228", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0429", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04302", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04334", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04349", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04343", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-19909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19909" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/curl/curl/pull/4166", "reference_id": "4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:11:17Z/" } ], "url": "https://github.com/curl/curl/pull/4166" }, { "reference_url": "https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/", "reference_id": "cve-2020-19909-is-everything-that-is-wrong-with-cves", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:11:17Z/" } ], "url": "https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2020-19909" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fnr7-xb26-dbez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49713?format=api", "vulnerability_id": "VCID-fp65-97n1-xuaj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow attackers to bypass intended restrictions.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76442", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.7654", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76475", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76457", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76527", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.765", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000100" }, { "reference_url": "https://curl.haxx.se/docs/adv_20170809B.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20170809B.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000100.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000100.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.5", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:P/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/HT208221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208221" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "http://www.securityfocus.com/bid/100286", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100286" }, { "reference_url": "http://www.securitytracker.com/id/1039118", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478310", "reference_id": "1478310", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478310" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555", "reference_id": "871555", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100", "reference_id": "CVE-2017-1000100", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000100" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fp65-97n1-xuaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61668?format=api", "vulnerability_id": "VCID-frgg-29yv-dyf7", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25887", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.258", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25952", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25764", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25834", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25885", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25897", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25797", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22890" }, { "reference_url": "https://curl.se/docs/CVE-2021-22890.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://curl.se/docs/CVE-2021-22890.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1129529", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://hackerone.com/reports/1129529" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941965", "reference_id": "1941965", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941965" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/", "reference_id": "2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270", "reference_id": "986270", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270" }, { "reference_url": "https://security.archlinux.org/AVG-1753", "reference_id": "AVG-1753", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1753" }, { "reference_url": "https://security.archlinux.org/AVG-1754", "reference_id": "AVG-1754", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1754" }, { "reference_url": "https://security.archlinux.org/AVG-1755", "reference_id": "AVG-1755", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1755" }, { "reference_url": "https://security.archlinux.org/AVG-1756", "reference_id": "AVG-1756", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1756" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890", "reference_id": "CVE-2021-22890", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/", "reference_id": "ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/", "reference_id": "KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210521-0007/", "reference_id": "ntap-20210521-0007", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4898-1/", "reference_id": "USN-4898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2021-22890" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-frgg-29yv-dyf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61667?format=api", "vulnerability_id": "VCID-ggt7-eejg-xfb6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20928", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20845", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20987", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20925", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21131", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21078", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21003", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30169", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30153", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30201", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876" }, { "reference_url": "https://curl.se/docs/CVE-2021-22876.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1101882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://hackerone.com/reports/1101882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964", "reference_id": "1941964", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/", "reference_id": "2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269", "reference_id": "986269", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269" }, { "reference_url": "https://security.archlinux.org/AVG-1753", "reference_id": "AVG-1753", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1753" }, { "reference_url": "https://security.archlinux.org/AVG-1754", "reference_id": "AVG-1754", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1754" }, { "reference_url": "https://security.archlinux.org/AVG-1755", "reference_id": "AVG-1755", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1755" }, { "reference_url": "https://security.archlinux.org/AVG-1756", "reference_id": "AVG-1756", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1756" }, { "reference_url": "https://security.archlinux.org/AVG-1757", "reference_id": "AVG-1757", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1757" }, { "reference_url": "https://security.archlinux.org/AVG-1758", "reference_id": "AVG-1758", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1758" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876", "reference_id": "CVE-2021-22876", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/", "reference_id": "ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/", "reference_id": "KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210521-0007/", "reference_id": "ntap-20210521-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://usn.ubuntu.com/4898-1/", "reference_id": "USN-4898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4898-1/" }, { "reference_url": "https://usn.ubuntu.com/4903-1/", "reference_id": "USN-4903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2021-22876" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ggt7-eejg-xfb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19507?format=api", "vulnerability_id": "VCID-gnx2-djyk-uyaf", "summary": "Cookie injection with none file\nThis flaw allows an attacker to insert cookies at will into a running program\nusing libcurl, if the specific series of conditions are met.\n\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\nthat are the individual handles for single transfers.\n\nlibcurl provides a function call that duplicates en easy handle called\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\n\nIf a transfer has cookies enabled when the handle is duplicated, the\ncookie-enable state is also cloned - but without cloning the actual\ncookies. If the source handle does not read any cookies from a specific file on\ndisk, the cloned version of the handle would instead store the file name as\n`none` (using the four ASCII letters, no quotes).\n\nSubsequent use of the cloned handle that does not explicitly set a source to\nload cookies from would then inadvertently load cookies from a file named\n`none` - if such a file exists and is readable in the current directory of the\nprogram using libcurl. And if using the correct file format of course.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49036", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48964", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48991", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48944", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48998", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48995", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48985", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2148242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/2148242" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241938", "reference_id": "2241938", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241938" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/34", "reference_id": "34", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/34" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/37" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/38", "reference_id": "38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/38" }, { "reference_url": "https://security.archlinux.org/AVG-2845", "reference_id": "AVG-2845", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2845" }, { "reference_url": "https://security.archlinux.org/AVG-2846", "reference_id": "AVG-2846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2846" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546", "reference_id": "CVE-2023-38546", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546" }, { "reference_url": "https://curl.se/docs/CVE-2023-38546.html", "reference_id": "CVE-2023-38546.HTML", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://curl.se/docs/CVE-2023-38546.html" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT214036", "reference_id": "HT214036", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214036" }, { "reference_url": "https://support.apple.com/kb/HT214057", "reference_id": "HT214057", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214057" }, { "reference_url": "https://support.apple.com/kb/HT214058", "reference_id": "HT214058", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214058" }, { "reference_url": "https://support.apple.com/kb/HT214063", "reference_id": "HT214063", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214063" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/", "reference_id": "OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5700", "reference_id": "RHSA-2023:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5763", "reference_id": "RHSA-2023:5763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6292", "reference_id": "RHSA-2023:6292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6745", "reference_id": "RHSA-2023:6745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7540", "reference_id": "RHSA-2023:7540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2101", "reference_id": "RHSA-2024:2101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2101" }, { "reference_url": "https://usn.ubuntu.com/6429-1/", "reference_id": "USN-6429-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-1/" }, { "reference_url": "https://usn.ubuntu.com/6429-2/", "reference_id": "USN-6429-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-2/" }, { "reference_url": "https://usn.ubuntu.com/6429-3/", "reference_id": "USN-6429-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-3/" }, { "reference_url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868", "reference_id": "viewtopic.php?f=8&t=8868", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-38546" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnx2-djyk-uyaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49276?format=api", "vulnerability_id": "VCID-gv7x-j8bz-wycc", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42654", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42604", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42633", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42572", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42622", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42594", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32207" }, { "reference_url": "https://curl.se/docs/CVE-2022-32207.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32207.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1573634", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://hackerone.com/reports/1573634" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099305", "reference_id": "2099305", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099305" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6157", "reference_id": "RHSA-2022:6157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-32207" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gv7x-j8bz-wycc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73974?format=api", "vulnerability_id": "VCID-hrsy-694u-2fec", "summary": "curl: OCSP stapling bypass with GnuTLS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66629", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66587", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66606", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.6662", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66638", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66626", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.66593", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310519", "reference_id": "2310519", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310519" }, { "reference_url": "https://hackerone.com/reports/2669852", "reference_id": "2669852", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://hackerone.com/reports/2669852" }, { "reference_url": "https://curl.se/docs/CVE-2024-8096.html", "reference_id": "CVE-2024-8096.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://curl.se/docs/CVE-2024-8096.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-8096.json", "reference_id": "CVE-2024-8096.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://curl.se/docs/CVE-2024-8096.json" }, { "reference_url": "https://usn.ubuntu.com/7012-1/", "reference_id": "USN-7012-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7012-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582290?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7" } ], "aliases": [ "CVE-2024-8096" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hrsy-694u-2fec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34701?format=api", "vulnerability_id": "VCID-j2cq-q3r9-jfcp", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74253", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74306", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74258", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74284", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.7429", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74305", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8620" }, { "reference_url": "https://curl.se/docs/CVE-2016-8620.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8620.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388382", "reference_id": "1388382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388382" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8620" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j2cq-q3r9-jfcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59714?format=api", "vulnerability_id": "VCID-j2qx-np45-4qdu", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75327", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76996", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77017", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76991", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77876", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80545", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80584", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80574", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000257" }, { "reference_url": "https://curl.haxx.se/docs/adv_20171023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20171023.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000257.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000257.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:P/A:P" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2017/dsa-4007", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-4007" }, { "reference_url": "http://www.securityfocus.com/bid/101519", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101519" }, { "reference_url": "http://www.securitytracker.com/id/1039644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039644" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503705", "reference_id": "1503705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503705" }, { "reference_url": "https://security.archlinux.org/ASA-201711-10", "reference_id": "ASA-201711-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-10" }, { "reference_url": "https://security.archlinux.org/ASA-201711-11", "reference_id": "ASA-201711-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-11" }, { "reference_url": "https://security.archlinux.org/ASA-201711-6", "reference_id": "ASA-201711-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-6" }, { "reference_url": "https://security.archlinux.org/ASA-201711-7", "reference_id": "ASA-201711-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-7" }, { "reference_url": "https://security.archlinux.org/ASA-201711-8", "reference_id": "ASA-201711-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-8" }, { "reference_url": "https://security.archlinux.org/ASA-201711-9", "reference_id": "ASA-201711-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-9" }, { "reference_url": "https://security.archlinux.org/AVG-462", "reference_id": "AVG-462", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-462" }, { "reference_url": "https://security.archlinux.org/AVG-463", "reference_id": "AVG-463", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-463" }, { "reference_url": "https://security.archlinux.org/AVG-464", "reference_id": "AVG-464", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-464" }, { "reference_url": "https://security.archlinux.org/AVG-465", "reference_id": "AVG-465", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-465" }, { "reference_url": "https://security.archlinux.org/AVG-466", "reference_id": "AVG-466", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-466" }, { "reference_url": "https://security.archlinux.org/AVG-467", "reference_id": "AVG-467", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-467" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257", "reference_id": "CVE-2017-1000257", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3263", "reference_id": "RHSA-2017:3263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3263" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" }, { "reference_url": "https://usn.ubuntu.com/3457-1/", "reference_id": "USN-3457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3457-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000257" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j2qx-np45-4qdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46197?format=api", "vulnerability_id": "VCID-j5s3-rr74-nqb8", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in information disclosure or data loss.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15732", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15576", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15743", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15708", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15827", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15715", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15774", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8169" }, { "reference_url": "https://curl.se/docs/CVE-2020-8169.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8169.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/874778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/874778" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847916", "reference_id": "1847916", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847916" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280", "reference_id": "965280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280" }, { "reference_url": "https://security.archlinux.org/AVG-1194", "reference_id": "AVG-1194", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1194" }, { "reference_url": "https://security.gentoo.org/glsa/202007-16", "reference_id": "GLSA-202007-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4402-1/", "reference_id": "USN-4402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4402-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2020-8169" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j5s3-rr74-nqb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34692?format=api", "vulnerability_id": "VCID-jeqg-g3en-5udw", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77847", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77906", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77864", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77896", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77923", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420" }, { "reference_url": "https://curl.se/docs/CVE-2016-5420.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5420.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190", "reference_id": "1362190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-5420" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jeqg-g3en-5udw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49699?format=api", "vulnerability_id": "VCID-jnfc-8f5d-pyh4", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55445", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55582", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5558", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55609", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55611", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5562", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55599", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000005" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000005.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", "reference_id": "1536013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536013" }, { "reference_url": "https://security.archlinux.org/ASA-201801-20", "reference_id": "ASA-201801-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-20" }, { "reference_url": "https://security.archlinux.org/ASA-201801-22", "reference_id": "ASA-201801-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-22" }, { "reference_url": "https://security.archlinux.org/ASA-201801-23", "reference_id": "ASA-201801-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-23" }, { "reference_url": "https://security.archlinux.org/ASA-201801-24", "reference_id": "ASA-201801-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-24" }, { "reference_url": "https://security.archlinux.org/ASA-201801-25", "reference_id": "ASA-201801-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-25" }, { "reference_url": "https://security.archlinux.org/ASA-201801-26", "reference_id": "ASA-201801-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-26" }, { "reference_url": "https://security.archlinux.org/AVG-593", "reference_id": "AVG-593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-593" }, { "reference_url": "https://security.archlinux.org/AVG-594", "reference_id": "AVG-594", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-594" }, { "reference_url": "https://security.archlinux.org/AVG-595", "reference_id": "AVG-595", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-595" }, { "reference_url": "https://security.archlinux.org/AVG-596", "reference_id": "AVG-596", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-596" }, { "reference_url": "https://security.archlinux.org/AVG-597", "reference_id": "AVG-597", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-597" }, { "reference_url": "https://security.archlinux.org/AVG-598", "reference_id": "AVG-598", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-598" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" }, { "reference_url": "https://usn.ubuntu.com/3554-1/", "reference_id": "USN-3554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000005" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jnfc-8f5d-pyh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34702?format=api", "vulnerability_id": "VCID-jqqf-gmd3-ubcd", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84539", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84576", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.8458", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84627", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84622", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84617", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8621" }, { "reference_url": "https://curl.se/docs/CVE-2016-8621.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8621.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388385", "reference_id": "1388385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388385" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8621" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jqqf-gmd3-ubcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34700?format=api", "vulnerability_id": "VCID-jtw4-af4y-nkbk", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86359", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86441", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.8637", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86387", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86418", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86432", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.8643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86425", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619" }, { "reference_url": "https://curl.se/docs/CVE-2016-8619.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8619.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379", "reference_id": "1388379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8619" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtw4-af4y-nkbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50088?format=api", "vulnerability_id": "VCID-ju6h-a1sz-f7e5", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in information disclosure or data loss.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.7291", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72994", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72973", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72967", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72942", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72955", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72968", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8285" }, { "reference_url": "https://curl.se/docs/CVE-2020-8285.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8285.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1045844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1045844" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902687", "reference_id": "1902687", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902687" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162", "reference_id": "977162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285", "reference_id": "CVE-2020-8285", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" }, { "reference_url": "https://usn.ubuntu.com/4665-2/", "reference_id": "USN-4665-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2020-8285" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ju6h-a1sz-f7e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34695?format=api", "vulnerability_id": "VCID-k8kj-q1je-f7bt", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84631", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84726", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84696", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84715", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.8471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84704", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84646", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84666", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84667", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02289", "scoring_system": "epss", "scoring_elements": "0.84689", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7167" }, { "reference_url": "https://curl.se/docs/CVE-2016-7167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-7167.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375906", "reference_id": "1375906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945", "reference_id": "837945", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945" }, { "reference_url": "https://security.archlinux.org/ASA-201609-18", "reference_id": "ASA-201609-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-18" }, { "reference_url": "https://security.archlinux.org/ASA-201609-19", "reference_id": "ASA-201609-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-19" }, { "reference_url": "https://security.archlinux.org/AVG-20", "reference_id": "AVG-20", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-20" }, { "reference_url": "https://security.archlinux.org/AVG-21", "reference_id": "AVG-21", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-21" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2016", "reference_id": "RHSA-2017:2016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2016" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-7167" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k8kj-q1je-f7bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49307?format=api", "vulnerability_id": "VCID-krgt-drpz-y7cy", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000300.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000300.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75565", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.7547", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75501", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75482", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75524", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75533", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75553", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75531", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75522", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000300" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-82c2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2018-82c2.html" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000300.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000300.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/104207", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104207" }, { "reference_url": "http://www.securitytracker.com/id/1040933", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040933" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575533", "reference_id": "1575533", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575533" }, { "reference_url": "https://security.archlinux.org/ASA-201805-13", "reference_id": "ASA-201805-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-13" }, { "reference_url": "https://security.archlinux.org/ASA-201805-14", "reference_id": "ASA-201805-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-14" }, { "reference_url": "https://security.archlinux.org/ASA-201805-15", "reference_id": "ASA-201805-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-15" }, { "reference_url": "https://security.archlinux.org/ASA-201805-16", "reference_id": "ASA-201805-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-16" }, { "reference_url": "https://security.archlinux.org/ASA-201805-17", "reference_id": "ASA-201805-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-17" }, { "reference_url": "https://security.archlinux.org/ASA-201805-18", "reference_id": "ASA-201805-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-18" }, { "reference_url": "https://security.archlinux.org/AVG-694", "reference_id": "AVG-694", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-694" }, { "reference_url": "https://security.archlinux.org/AVG-695", "reference_id": "AVG-695", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-695" }, { "reference_url": "https://security.archlinux.org/AVG-696", "reference_id": "AVG-696", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-696" }, { "reference_url": "https://security.archlinux.org/AVG-697", "reference_id": "AVG-697", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-697" }, { "reference_url": "https://security.archlinux.org/AVG-698", "reference_id": "AVG-698", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-698" }, { "reference_url": "https://security.archlinux.org/AVG-699", "reference_id": "AVG-699", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-699" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300", "reference_id": "CVE-2018-1000300", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300" }, { "reference_url": "https://security.gentoo.org/glsa/201806-05", "reference_id": "GLSA-201806-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201806-05" }, { "reference_url": "https://usn.ubuntu.com/3648-1/", "reference_id": "USN-3648-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3648-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000300" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-krgt-drpz-y7cy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16992?format=api", "vulnerability_id": "VCID-ms2r-94ph-yyh3", "summary": "Improper Authentication\nAn authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01282", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01285", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.0129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01301", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01306", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.0131", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01294", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01288", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01291", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27536" }, { "reference_url": "https://curl.se/docs/CVE-2023-27536.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27536.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1895135", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://hackerone.com/reports/1895135" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092", "reference_id": "2179092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536", "reference_id": "CVE-2023-27536", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4523", "reference_id": "RHSA-2023:4523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-27536" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ms2r-94ph-yyh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50089?format=api", "vulnerability_id": "VCID-n51k-39uk-auca", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in information disclosure or data loss.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52154", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52113", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59717", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59638", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59564", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59697", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8286" }, { "reference_url": "https://curl.se/docs/CVE-2020-8286.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://curl.se/docs/CVE-2020-8286.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1048457", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://hackerone.com/reports/1048457" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906096", "reference_id": "1906096", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906096" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/50", "reference_id": "50", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/50" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/51", "reference_id": "51", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/54", "reference_id": "54", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/54" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161", "reference_id": "977161", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286", "reference_id": "CVE-2020-8286", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf", "reference_id": "ssa-200951.pdf", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2020-8286" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n51k-39uk-auca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57262?format=api", "vulnerability_id": "VCID-n57n-cymy-z7dr", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25909", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25878", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25948", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25905", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23916" }, { "reference_url": "https://curl.se/docs/CVE-2023-23916.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-23916.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1826048", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://hackerone.com/reports/1826048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371", "reference_id": "1031371", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815", "reference_id": "2167815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/", "reference_id": "BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5365", "reference_id": "dsa-5365", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5365" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html", "reference_id": "msg00035.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230309-0006/", "reference_id": "ntap-20230309-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1140", "reference_id": "RHSA-2023:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1701", "reference_id": "RHSA-2023:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1842", "reference_id": "RHSA-2023:1842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3460", "reference_id": "RHSA-2023:3460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4139", "reference_id": "RHSA-2023:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4139" }, { "reference_url": "https://usn.ubuntu.com/5891-1/", "reference_id": "USN-5891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-23916" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n57n-cymy-z7dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61669?format=api", "vulnerability_id": "VCID-ph5u-5j8n-4qah", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31806", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3184", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31935", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31977", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31797", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31849", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31879", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31882", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31843", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31808", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898" }, { "reference_url": "https://curl.se/docs/CVE-2021-22898.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22898.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1176461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1176461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964887", "reference_id": "1964887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964887" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228", "reference_id": "989228", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228" }, { "reference_url": "https://security.archlinux.org/ASA-202106-4", "reference_id": "ASA-202106-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-4" }, { "reference_url": "https://security.archlinux.org/ASA-202106-5", "reference_id": "ASA-202106-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-5" }, { "reference_url": "https://security.archlinux.org/ASA-202106-6", "reference_id": "ASA-202106-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-6" }, { "reference_url": "https://security.archlinux.org/ASA-202106-7", "reference_id": "ASA-202106-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-7" }, { "reference_url": "https://security.archlinux.org/ASA-202106-8", "reference_id": "ASA-202106-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-8" }, { "reference_url": "https://security.archlinux.org/ASA-202106-9", "reference_id": "ASA-202106-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-9" }, { "reference_url": "https://security.archlinux.org/AVG-1995", "reference_id": "AVG-1995", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1995" }, { "reference_url": "https://security.archlinux.org/AVG-1996", "reference_id": "AVG-1996", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1996" }, { "reference_url": "https://security.archlinux.org/AVG-1997", "reference_id": "AVG-1997", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1997" }, { "reference_url": "https://security.archlinux.org/AVG-1998", "reference_id": "AVG-1998", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1998" }, { "reference_url": "https://security.archlinux.org/AVG-1999", "reference_id": "AVG-1999", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1999" }, { "reference_url": "https://security.archlinux.org/AVG-2000", "reference_id": "AVG-2000", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2000" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2021-22898" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ph5u-5j8n-4qah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49265?format=api", "vulnerability_id": "VCID-q229-ag6u-u3hv", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22576.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22576.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50585", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56699", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5669", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56669", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57955", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5801", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58012", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58028", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22576" }, { "reference_url": "https://curl.se/docs/CVE-2022-22576.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-22576.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1526328", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1526328" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295", "reference_id": "1010295", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077541", "reference_id": "2077541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077541" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-22576" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q229-ag6u-u3hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49766?format=api", "vulnerability_id": "VCID-q3hu-8uy5-e3a4", "summary": "A coding error has been found in cURL, causing the TLS Certificate\n Status Request extension check to always return true.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2629.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58261", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58408", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58346", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.5834", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58393", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58399", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58416", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58395", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58376", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2629" }, { "reference_url": "https://curl.se/docs/CVE-2017-2629.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-2629.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425746", "reference_id": "1425746", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425746" }, { "reference_url": "https://security.archlinux.org/ASA-201703-1", "reference_id": "ASA-201703-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-1" }, { "reference_url": "https://security.archlinux.org/AVG-179", "reference_id": "AVG-179", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-179" }, { "reference_url": "https://security.archlinux.org/AVG-180", "reference_id": "AVG-180", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-180" }, { "reference_url": "https://security.archlinux.org/AVG-181", "reference_id": "AVG-181", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-181" }, { "reference_url": "https://security.archlinux.org/AVG-182", "reference_id": "AVG-182", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-182" }, { "reference_url": "https://security.archlinux.org/AVG-183", "reference_id": "AVG-183", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-183" }, { "reference_url": "https://security.archlinux.org/AVG-184", "reference_id": "AVG-184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-184" }, { "reference_url": "https://security.gentoo.org/glsa/201703-04", "reference_id": "GLSA-201703-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201703-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2017-2629" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q3hu-8uy5-e3a4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47208?format=api", "vulnerability_id": "VCID-qdcn-2u3v-b3cv", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60632", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60627", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60612", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62608", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62656", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62672", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62606", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62641", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46218" }, { "reference_url": "https://curl.se/docs/CVE-2023-46218.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-46218.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2212193", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/2212193" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646", "reference_id": "1057646", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030", "reference_id": "2252030", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0434", "reference_id": "RHSA-2024:0434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0452", "reference_id": "RHSA-2024:0452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0585", "reference_id": "RHSA-2024:0585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1129", "reference_id": "RHSA-2024:1129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1316", "reference_id": "RHSA-2024:1316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2094", "reference_id": "RHSA-2024:2094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "reference_url": "https://usn.ubuntu.com/6535-1/", "reference_id": "USN-6535-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6535-1/" }, { "reference_url": "https://usn.ubuntu.com/6641-1/", "reference_id": "USN-6641-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6641-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-46218" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcn-2u3v-b3cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39485?format=api", "vulnerability_id": "VCID-qka4-jfdb-w3d5", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3144.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3144.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.7711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77008", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77023", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77094", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77074", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01008", "scoring_system": "epss", "scoring_elements": "0.77069", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3144" }, { "reference_url": "https://curl.se/docs/CVE-2015-3144.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3144.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213335", "reference_id": "1213335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213335" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3144" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qka4-jfdb-w3d5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39489?format=api", "vulnerability_id": "VCID-r447-deb8-2ydj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3237.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89873", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89818", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89821", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89839", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89857", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89863", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89869", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89867", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.8986", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3237" }, { "reference_url": "https://curl.se/docs/CVE-2015-3237.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3237.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233814", "reference_id": "1233814", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233814" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3237" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r447-deb8-2ydj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49268?format=api", "vulnerability_id": "VCID-r7bh-7wur-xffs", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71649", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71574", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71565", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71605", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71616", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71604", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776" }, { "reference_url": "https://curl.se/docs/CVE-2022-27776.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27776.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1547048", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://hackerone.com/reports/1547048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252", "reference_id": "1010252", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408", "reference_id": "2078408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/", "reference_id": "7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/", "reference_id": "DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-27776" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7bh-7wur-xffs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50087?format=api", "vulnerability_id": "VCID-rmez-cwu2-2ya7", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in information disclosure or data loss.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28391", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28321", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28368", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28466", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28299", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28364", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28408", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284" }, { "reference_url": "https://curl.se/docs/CVE-2020-8284.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1040166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1040166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667", "reference_id": "1902667", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163", "reference_id": "977163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" }, { "reference_url": "https://usn.ubuntu.com/4665-2/", "reference_id": "USN-4665-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2020-8284" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmez-cwu2-2ya7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57269?format=api", "vulnerability_id": "VCID-s73y-y7v7-43cm", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70331", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70238", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70255", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70232", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70278", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70294", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70317", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70302", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70289", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322" }, { "reference_url": "https://curl.se/docs/CVE-2023-28322.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28322.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1954658", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://hackerone.com/reports/1954658" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793", "reference_id": "2196793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "reference_id": "F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4354", "reference_id": "RHSA-2023:4354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5598", "reference_id": "RHSA-2023:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0585", "reference_id": "RHSA-2024:0585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://usn.ubuntu.com/6237-1/", "reference_id": "USN-6237-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-1/" }, { "reference_url": "https://usn.ubuntu.com/6237-3/", "reference_id": "USN-6237-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "reference_id": "Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-28322" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s73y-y7v7-43cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49263?format=api", "vulnerability_id": "VCID-sh5a-fmna-wffr", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23143", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23322", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23227", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23277", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23299", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23261", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23204", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22946" }, { "reference_url": "https://curl.se/docs/CVE-2021-22946.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22946.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1334111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1334111" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589", "reference_id": "1017589", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003175", "reference_id": "2003175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003175" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4059", "reference_id": "RHSA-2021:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0635", "reference_id": "RHSA-2022:0635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" }, { "reference_url": "https://usn.ubuntu.com/5079-2/", "reference_id": "USN-5079-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2021-22946" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sh5a-fmna-wffr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57264?format=api", "vulnerability_id": "VCID-syz5-5y6f-s7er", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19882", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19963", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19904", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20126", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19854", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19933", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19988", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20007", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27534" }, { "reference_url": "https://curl.se/docs/CVE-2023-27534.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27534.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1892351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1892351" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069", "reference_id": "2179069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-27534" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-syz5-5y6f-s7er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49274?format=api", "vulnerability_id": "VCID-t1fk-cbsx-j3gh", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32205.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32205.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85604", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85522", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85564", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85589", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85586", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85581", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32205" }, { "reference_url": "https://curl.se/docs/CVE-2022-32205.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32205.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1569946", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://hackerone.com/reports/1569946" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099296", "reference_id": "2099296", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099296" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2771", "reference_id": "AVG-2771", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2771" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-32205" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t1fk-cbsx-j3gh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49264?format=api", "vulnerability_id": "VCID-t4gn-9fw8-gkc3", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.486", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48718", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48641", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48614", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48665", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48683", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48657", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48669", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22947" }, { "reference_url": "https://curl.se/docs/CVE-2021-22947.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22947.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1334763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1334763" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003191", "reference_id": "2003191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003191" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4059", "reference_id": "RHSA-2021:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0635", "reference_id": "RHSA-2022:0635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" }, { "reference_url": "https://usn.ubuntu.com/5079-2/", "reference_id": "USN-5079-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2021-22947" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4gn-9fw8-gkc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49267?format=api", "vulnerability_id": "VCID-t8t6-9wa3-aub7", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35947", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3597", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35931", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35907", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36026", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36057", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3589", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3594", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35964", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27775" }, { "reference_url": "https://curl.se/docs/CVE-2022-27775.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27775.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1546268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1546268" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010253", "reference_id": "1010253", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010253" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078388", "reference_id": "2078388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078388" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8299", "reference_id": "RHSA-2022:8299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8299" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-27775" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8t6-9wa3-aub7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19509?format=api", "vulnerability_id": "VCID-tcqe-7skm-b3fz", "summary": "Out-of-bounds Write\nThis flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means \"let the host resolve the name\" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2625", "scoring_system": "epss", "scoring_elements": "0.96312", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.2625", "scoring_system": "epss", "scoring_elements": "0.96278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.2625", "scoring_system": "epss", "scoring_elements": "0.96283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.2625", "scoring_system": "epss", "scoring_elements": "0.96292", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.2625", "scoring_system": "epss", "scoring_elements": "0.96295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.2625", "scoring_system": "epss", "scoring_elements": "0.963", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.2625", "scoring_system": "epss", "scoring_elements": "0.96303", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.26747", "scoring_system": "epss", "scoring_elements": "0.96315", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2187833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/2187833" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", "reference_id": "2241933", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/34", "reference_id": "34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/34" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/37" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/38", "reference_id": "38", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/38" }, { "reference_url": "https://security.archlinux.org/AVG-2845", "reference_id": "AVG-2845", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2845" }, { "reference_url": "https://security.archlinux.org/AVG-2846", "reference_id": "AVG-2846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2846" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", "reference_id": "CVE-2023-38545", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545" }, { "reference_url": "https://curl.se/docs/CVE-2023-38545.html", "reference_id": "CVE-2023-38545.HTML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://curl.se/docs/CVE-2023-38545.html" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://www.secpod.com/blog/high-severity-heap-buffer-overflow-vulnerability/", "reference_id": "high-severity-heap-buffer-overflow-vulnerability", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://www.secpod.com/blog/high-severity-heap-buffer-overflow-vulnerability/" }, { "reference_url": "https://support.apple.com/kb/HT214036", "reference_id": "HT214036", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214036" }, { "reference_url": "https://support.apple.com/kb/HT214057", "reference_id": "HT214057", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214057" }, { "reference_url": "https://support.apple.com/kb/HT214058", "reference_id": "HT214058", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214058" }, { "reference_url": "https://support.apple.com/kb/HT214063", "reference_id": "HT214063", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214063" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0009/", "reference_id": "ntap-20231027-0009", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0005/", "reference_id": "ntap-20240201-0005", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0005/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/", "reference_id": "OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5700", "reference_id": "RHSA-2023:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5763", "reference_id": "RHSA-2023:5763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6745", "reference_id": "RHSA-2023:6745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0797", "reference_id": "RHSA-2024:0797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2011", "reference_id": "RHSA-2024:2011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2011" }, { "reference_url": "https://usn.ubuntu.com/6429-1/", "reference_id": "USN-6429-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-1/" }, { "reference_url": "https://usn.ubuntu.com/6429-3/", "reference_id": "USN-6429-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-3/" }, { "reference_url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868", "reference_id": "viewtopic.php?f=8&t=8868", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2023-38545" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tcqe-7skm-b3fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39487?format=api", "vulnerability_id": "VCID-tmv3-fzje-sbck", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82244", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82137", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.8215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82172", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82168", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82202", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82221", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82214", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82208", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3148" }, { "reference_url": "https://curl.se/docs/CVE-2015-3148.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3148.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351", "reference_id": "1213351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3148" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tmv3-fzje-sbck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34388?format=api", "vulnerability_id": "VCID-tz47-j4ey-t7g6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65733", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65698", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69387", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69398", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69414", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69393", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69444", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.6946", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69481", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69466", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14618" }, { "reference_url": "https://curl.se/docs/CVE-2018-14618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-14618.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622707", "reference_id": "1622707", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622707" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327", "reference_id": "908327", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1880", "reference_id": "RHSA-2019:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1880" }, { "reference_url": "https://usn.ubuntu.com/3765-1/", "reference_id": "USN-3765-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3765-1/" }, { "reference_url": "https://usn.ubuntu.com/3765-2/", "reference_id": "USN-3765-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3765-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-14618" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tz47-j4ey-t7g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47212?format=api", "vulnerability_id": "VCID-u4bx-xqb3-vuef", "summary": "Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83544", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83457", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.8347", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83495", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83504", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83512", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01962", "scoring_system": "epss", "scoring_elements": "0.83509", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498", "reference_id": "2270498", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498" }, { "reference_url": "https://hackerone.com/reports/2402845", "reference_id": "2402845", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://hackerone.com/reports/2402845" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/", "reference_id": "2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/3" }, { "reference_url": "https://curl.se/docs/CVE-2024-2398.html", "reference_id": "CVE-2024-2398.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://curl.se/docs/CVE-2024-2398.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-2398.json", "reference_id": "CVE-2024-2398.json", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://curl.se/docs/CVE-2024-2398.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/", "reference_id": "GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240503-0009/", "reference_id": "ntap-20240503-0009", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240503-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3998", "reference_id": "RHSA-2024:3998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5529", "reference_id": "RHSA-2024:5529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5654", "reference_id": "RHSA-2024:5654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://usn.ubuntu.com/6718-1/", "reference_id": "USN-6718-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-1/" }, { "reference_url": "https://usn.ubuntu.com/6718-2/", "reference_id": "USN-6718-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-2/" }, { "reference_url": "https://usn.ubuntu.com/6718-3/", "reference_id": "USN-6718-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2024-2398" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4bx-xqb3-vuef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74703?format=api", "vulnerability_id": "VCID-v3qf-6wju-1bg8", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80347", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80428", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80353", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80373", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80362", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80391", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80402", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.8042", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80405", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80398", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16890.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://curl.se/docs/CVE-2018-16890.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.securityfocus.com/bid/106947", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106947" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", "reference_id": "1670252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670252" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890", "reference_id": "CVE-2018-16890", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "USN-3882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-16890" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v3qf-6wju-1bg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43382?format=api", "vulnerability_id": "VCID-vr9x-yqsd-6fc8", "summary": "A heap-based buffer overflow in cURL might allow remote attackers\n to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0500.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0500.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78519", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78478", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78461", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78518", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78499", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78491", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0500" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-70a2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2018-70a2.html" }, { "reference_url": "https://curl.se/docs/CVE-2018-0500.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-0500.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/curl/curl/commit/ba1dbd78e5f1ed67c1b8d37ac89d90e5e330b628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/curl/curl/commit/ba1dbd78e5f1ed67c1b8d37ac89d90e5e330b628" }, { "reference_url": "http://www.securitytracker.com/id/1041280", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597101", "reference_id": "1597101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597101" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546", "reference_id": "903546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546" }, { "reference_url": "https://security.archlinux.org/ASA-201807-10", "reference_id": "ASA-201807-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-10" }, { "reference_url": "https://security.archlinux.org/ASA-201807-5", "reference_id": "ASA-201807-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-5" }, { "reference_url": "https://security.archlinux.org/ASA-201807-6", "reference_id": "ASA-201807-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-6" }, { "reference_url": "https://security.archlinux.org/ASA-201807-7", "reference_id": "ASA-201807-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-7" }, { "reference_url": "https://security.archlinux.org/ASA-201807-8", "reference_id": "ASA-201807-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-8" }, { "reference_url": "https://security.archlinux.org/ASA-201807-9", "reference_id": "ASA-201807-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-9" }, { "reference_url": "https://security.archlinux.org/AVG-729", "reference_id": "AVG-729", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-729" }, { "reference_url": "https://security.archlinux.org/AVG-730", "reference_id": "AVG-730", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-730" }, { "reference_url": "https://security.archlinux.org/AVG-731", "reference_id": "AVG-731", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-731" }, { "reference_url": "https://security.archlinux.org/AVG-732", "reference_id": "AVG-732", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-732" }, { "reference_url": "https://security.archlinux.org/AVG-733", "reference_id": "AVG-733", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-733" }, { "reference_url": "https://security.archlinux.org/AVG-734", "reference_id": "AVG-734", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-734" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500", "reference_id": "CVE-2018-0500", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500" }, { "reference_url": "https://security.gentoo.org/glsa/201807-04", "reference_id": "GLSA-201807-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201807-04" }, { "reference_url": "https://usn.ubuntu.com/3710-1/", "reference_id": "USN-3710-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3710-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-0500" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vr9x-yqsd-6fc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34696?format=api", "vulnerability_id": "VCID-vxpj-xygq-9be2", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84774", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.8487", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.8481", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84832", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84839", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84849", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615" }, { "reference_url": "https://curl.se/docs/CVE-2016-8615.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8615.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370", "reference_id": "1388370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8615" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxpj-xygq-9be2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34699?format=api", "vulnerability_id": "VCID-vyk2-s5ut-ubbz", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.81967", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82068", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.81997", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82024", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82031", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82051", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.8204", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82033", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.81978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82001", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618" }, { "reference_url": "https://curl.se/docs/CVE-2016-8618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8618.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378", "reference_id": "1388378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8618" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vyk2-s5ut-ubbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34394?format=api", "vulnerability_id": "VCID-w8ks-xk66-r3fm", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82071", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82175", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82104", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82126", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82134", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82153", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01673", "scoring_system": "epss", "scoring_elements": "0.82137", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3823.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://curl.se/docs/CVE-2019-3823.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", "reference_id": "1670256", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670256" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823", "reference_id": "CVE-2019-3823", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "USN-3882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2019-3823" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w8ks-xk66-r3fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39486?format=api", "vulnerability_id": "VCID-wh98-pw9h-cyfx", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3145.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3145.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.98425", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.98404", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.98407", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.98409", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.98412", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.98415", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.98416", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.63704", "scoring_system": "epss", "scoring_elements": "0.9842", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3145" }, { "reference_url": "https://curl.se/docs/CVE-2015-3145.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3145.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213347", "reference_id": "1213347", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213347" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3145" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wh98-pw9h-cyfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59717?format=api", "vulnerability_id": "VCID-wrh2-77dv-hbdz", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74905", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74919", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74941", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.7491", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76325", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76291", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00981", "scoring_system": "epss", "scoring_elements": "0.76812", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8817" }, { "reference_url": "https://curl.haxx.se/docs/adv_2017-ae72.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2017-ae72.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-8817.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8817.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817" }, { "reference_url": "http://security.cucumberlinux.com/security/details.php?id=162", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.cucumberlinux.com/security/details.php?id=162" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4051" }, { "reference_url": "http://www.securityfocus.com/bid/102057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102057" }, { "reference_url": "http://www.securitytracker.com/id/1039897", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515760", "reference_id": "1515760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515760" }, { "reference_url": "https://security.archlinux.org/ASA-201711-33", "reference_id": "ASA-201711-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-33" }, { "reference_url": "https://security.archlinux.org/ASA-201711-34", "reference_id": "ASA-201711-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-34" }, { "reference_url": "https://security.archlinux.org/ASA-201711-35", "reference_id": "ASA-201711-35", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-35" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-524", "reference_id": "AVG-524", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-524" }, { "reference_url": "https://security.archlinux.org/AVG-525", "reference_id": "AVG-525", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-525" }, { "reference_url": "https://security.archlinux.org/AVG-526", "reference_id": "AVG-526", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-526" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817", "reference_id": "CVE-2017-8817", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3498-1/", "reference_id": "USN-3498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-1/" }, { "reference_url": "https://usn.ubuntu.com/3498-2/", "reference_id": "USN-3498-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-8817" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wrh2-77dv-hbdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47225?format=api", "vulnerability_id": "VCID-wwam-tcmv-kqhc", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may lead to arbitrary code execution.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5482", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06912", "scoring_system": "epss", "scoring_elements": "0.91427", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06912", "scoring_system": "epss", "scoring_elements": "0.91403", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06912", "scoring_system": "epss", "scoring_elements": "0.91402", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08332", "scoring_system": "epss", "scoring_elements": "0.92281", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08332", "scoring_system": "epss", "scoring_elements": "0.9225", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08332", "scoring_system": "epss", "scoring_elements": "0.92286", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08332", "scoring_system": "epss", "scoring_elements": "0.92257", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08332", "scoring_system": "epss", "scoring_elements": "0.92262", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08332", "scoring_system": "epss", "scoring_elements": "0.92265", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08332", "scoring_system": "epss", "scoring_elements": "0.92277", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5482" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-5482.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/CVE-2019-5482.html" }, { "reference_url": "https://curl.se/docs/CVE-2019-5482.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5482.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/684603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/684603" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/36", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Feb/36" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191004-0003/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200416-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200416-0003/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4633" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749652", "reference_id": "1749652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749652" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010", "reference_id": "940010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010" }, { "reference_url": "https://security.archlinux.org/AVG-1982", "reference_id": "AVG-1982", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1982" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:oss_support_tools:20.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:oss_support_tools:20.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:oss_support_tools:20.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482", "reference_id": "CVE-2019-5482", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0250", "reference_id": "RHSA-2020:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1792", "reference_id": "RHSA-2020:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3916", "reference_id": "RHSA-2020:3916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0759", "reference_id": "RHSA-2021:0759", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0759" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0877", "reference_id": "RHSA-2021:0877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1027", "reference_id": "RHSA-2021:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1027" }, { "reference_url": "https://usn.ubuntu.com/4129-1/", "reference_id": "USN-4129-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-1/" }, { "reference_url": "https://usn.ubuntu.com/4129-2/", "reference_id": "USN-4129-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2019-5482" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wwam-tcmv-kqhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39484?format=api", "vulnerability_id": "VCID-xspf-45t1-2uhf", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.8757", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.875", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.8751", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87526", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87545", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87552", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87559", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87556", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3143" }, { "reference_url": "https://curl.se/docs/CVE-2015-3143.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3143.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306", "reference_id": "1213306", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3143" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xspf-45t1-2uhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49275?format=api", "vulnerability_id": "VCID-xzay-sjpy-3yce", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.892", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89143", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89158", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89161", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89183", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89193", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89189", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89187", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32206" }, { "reference_url": "https://curl.se/docs/CVE-2022-32206.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32206.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1570651", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://hackerone.com/reports/1570651" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099300", "reference_id": "2099300", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099300" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/02/15/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6157", "reference_id": "RHSA-2022:6157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6159", "reference_id": "RHSA-2022:6159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3460", "reference_id": "RHSA-2023:3460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3460" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-32206" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzay-sjpy-3yce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11000?format=api", "vulnerability_id": "VCID-y32p-52ps-4ug4", "summary": "Use of Incorrectly-Resolved Name or Reference\nlibcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function does not take `issuercert` into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn't include the `issuer cert` which a transfer can set to qualify how to verify the server certificate.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73012", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73021", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73016", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73107", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73064", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.7307", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73091", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73053", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73042", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22924" }, { "reference_url": "https://curl.se/docs/CVE-2021-22924.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22924.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1223565", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://hackerone.com/reports/1223565" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981460", "reference_id": "1981460", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981460" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492", "reference_id": "991492", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/ASA-202107-60", "reference_id": "ASA-202107-60", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-60" }, { "reference_url": "https://security.archlinux.org/ASA-202107-61", "reference_id": "ASA-202107-61", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-61" }, { "reference_url": "https://security.archlinux.org/ASA-202107-62", "reference_id": "ASA-202107-62", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-62" }, { "reference_url": "https://security.archlinux.org/ASA-202107-63", "reference_id": "ASA-202107-63", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-63" }, { "reference_url": "https://security.archlinux.org/ASA-202107-64", "reference_id": "ASA-202107-64", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-64" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://security.archlinux.org/AVG-2195", "reference_id": "AVG-2195", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2195" }, { "reference_url": "https://security.archlinux.org/AVG-2196", "reference_id": "AVG-2196", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2196" }, { "reference_url": "https://security.archlinux.org/AVG-2197", "reference_id": "AVG-2197", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2197" }, { "reference_url": "https://security.archlinux.org/AVG-2198", "reference_id": "AVG-2198", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2198" }, { "reference_url": "https://security.archlinux.org/AVG-2199", "reference_id": "AVG-2199", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2199" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924", "reference_id": "CVE-2021-22924", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3582", "reference_id": "RHSA-2021:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "reference_id": "ssa-484086.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf", "reference_id": "ssa-732250.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2021-22924" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y32p-52ps-4ug4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49277?format=api", "vulnerability_id": "VCID-y4x5-n5m2-x7bq", "summary": "Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37884", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37916", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37942", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37819", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37883", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37898", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37862", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37837", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32208" }, { "reference_url": "https://curl.se/docs/CVE-2022-32208.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32208.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1590071", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://hackerone.com/reports/1590071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099306", "reference_id": "2099306", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099306" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6157", "reference_id": "RHSA-2022:6157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6159", "reference_id": "RHSA-2022:6159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" }, { "reference_url": "https://usn.ubuntu.com/5499-1/", "reference_id": "USN-5499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2022-32208" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4x5-n5m2-x7bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39488?format=api", "vulnerability_id": "VCID-yubp-g4rt-c3e6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3236.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3236.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89176", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89112", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89119", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89134", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89137", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.8916", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.8917", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89166", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.89164", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3236" }, { "reference_url": "https://curl.se/docs/CVE-2015-3236.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3236.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233816", "reference_id": "1233816", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233816" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3236" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yubp-g4rt-c3e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50086?format=api", "vulnerability_id": "VCID-yvdd-ataf-ckf1", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in information disclosure or data loss.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36844", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36823", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44841", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44803", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44855", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44858", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44875", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44761", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8231" }, { "reference_url": "https://curl.se/docs/CVE-2020-8231.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8231.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/948876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/948876" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868032", "reference_id": "1868032", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868032" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831", "reference_id": "968831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231", "reference_id": "CVE-2020-8231", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://usn.ubuntu.com/4466-1/", "reference_id": "USN-4466-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4466-1/" }, { "reference_url": "https://usn.ubuntu.com/4466-2/", "reference_id": "USN-4466-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4466-2/" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582289?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cx5-1qnw-uufj" }, { "vulnerability": "VCID-2szj-xvgq-pkfr" }, { "vulnerability": "VCID-4e1k-7bj9-hfch" }, { "vulnerability": "VCID-4gze-cwtp-2bgr" }, { "vulnerability": "VCID-4seq-hvbx-7fg8" }, { "vulnerability": "VCID-56wg-yafz-gkgx" }, { "vulnerability": "VCID-6we4-n888-6qhe" }, { "vulnerability": "VCID-8zks-th64-33b8" }, { "vulnerability": "VCID-ddgz-rczw-jqfw" }, { "vulnerability": "VCID-etzn-uhck-h7b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-mkyr-w79c-qqfz" }, { "vulnerability": "VCID-nvzd-v3bs-6qek" }, { "vulnerability": "VCID-pwn6-j8vf-rufk" }, { "vulnerability": "VCID-qbpd-star-6fgn" }, { "vulnerability": "VCID-qpux-jh6k-8qhx" }, { "vulnerability": "VCID-vbbv-k1r7-kkas" }, { "vulnerability": "VCID-x57x-w8g8-7ybz" }, { "vulnerability": "VCID-xpss-yndr-mycj" }, { "vulnerability": "VCID-yaas-j3qk-kfdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13" } ], "aliases": [ "CVE-2020-8231" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yvdd-ataf-ckf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34706?format=api", "vulnerability_id": "VCID-yxks-8529-23bj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.81219", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.8132", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.81228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.81251", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.8125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.81278", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.81283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.81304", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01526", "scoring_system": "epss", "scoring_elements": "0.8129", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8625" }, { "reference_url": "https://curl.se/docs/CVE-2016-8625.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8625.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388392", "reference_id": "1388392", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388392" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8625" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yxks-8529-23bj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34698?format=api", "vulnerability_id": "VCID-zxz2-xfpd-pbay", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19573", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19482", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19763", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19488", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19567", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19619", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19575", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19517", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8617" }, { "reference_url": "https://curl.se/docs/CVE-2016-8617.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8617.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388377", "reference_id": "1388377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388377" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8617" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxz2-xfpd-pbay" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49714?format=api", "vulnerability_id": "VCID-1mf9-u8y1-zbb1", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow attackers to bypass intended restrictions.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70084", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7019", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70135", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70175", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7016", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70147", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70096", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70111", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000101" }, { "reference_url": "https://curl.haxx.se/docs/adv_20170809A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20170809A.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000101.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/HT208221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208221" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "http://www.securityfocus.com/bid/100249", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100249" }, { "reference_url": "http://www.securitytracker.com/id/1039117", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039117" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478309", "reference_id": "1478309", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478309" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554", "reference_id": "871554", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101", "reference_id": "CVE-2017-1000101", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000101" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1mf9-u8y1-zbb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34703?format=api", "vulnerability_id": "VCID-5jan-pqf6-fyhr", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81845", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81947", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81901", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81927", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81915", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81911", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81856", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81879", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81875", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8622" }, { "reference_url": "https://curl.se/docs/CVE-2016-8622.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8622.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388386", "reference_id": "1388386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388386" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8622" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jan-pqf6-fyhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34697?format=api", "vulnerability_id": "VCID-6muy-xpdq-9kg8", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88617", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88635", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.8864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0413", "scoring_system": "epss", "scoring_elements": "0.88645", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616" }, { "reference_url": "https://curl.se/docs/CVE-2016-8616.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8616.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371", "reference_id": "1388371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8616" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6muy-xpdq-9kg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49700?format=api", "vulnerability_id": "VCID-6yb7-t8qs-cbch", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87259", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87302", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03344", "scoring_system": "epss", "scoring_elements": "0.87285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88245", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88227", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88238", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03871", "scoring_system": "epss", "scoring_elements": "0.88231", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000007.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", "reference_id": "1537125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125" }, { "reference_url": "https://security.archlinux.org/ASA-201801-20", "reference_id": "ASA-201801-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-20" }, { "reference_url": "https://security.archlinux.org/ASA-201801-22", "reference_id": "ASA-201801-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-22" }, { "reference_url": "https://security.archlinux.org/ASA-201801-23", "reference_id": "ASA-201801-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-23" }, { "reference_url": "https://security.archlinux.org/ASA-201801-24", "reference_id": "ASA-201801-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-24" }, { "reference_url": "https://security.archlinux.org/ASA-201801-25", "reference_id": "ASA-201801-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-25" }, { "reference_url": "https://security.archlinux.org/ASA-201801-26", "reference_id": "ASA-201801-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-26" }, { "reference_url": "https://security.archlinux.org/AVG-593", "reference_id": "AVG-593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-593" }, { "reference_url": "https://security.archlinux.org/AVG-594", "reference_id": "AVG-594", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-594" }, { "reference_url": "https://security.archlinux.org/AVG-595", "reference_id": "AVG-595", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-595" }, { "reference_url": "https://security.archlinux.org/AVG-596", "reference_id": "AVG-596", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-596" }, { "reference_url": "https://security.archlinux.org/AVG-597", "reference_id": "AVG-597", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-597" }, { "reference_url": "https://security.archlinux.org/AVG-598", "reference_id": "AVG-598", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-598" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" }, { "reference_url": "https://usn.ubuntu.com/3554-1/", "reference_id": "USN-3554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-1/" }, { "reference_url": "https://usn.ubuntu.com/3554-2/", "reference_id": "USN-3554-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000007" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6yb7-t8qs-cbch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80714?format=api", "vulnerability_id": "VCID-7c8e-eaqy-akeu", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.9296", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92922", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.9293", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92933", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92941", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92945", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.9295", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0976", "scoring_system": "epss", "scoring_elements": "0.92949", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153" }, { "reference_url": "https://curl.se/docs/CVE-2015-3153.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3153.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341", "reference_id": "1217341", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3153" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7c8e-eaqy-akeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49308?format=api", "vulnerability_id": "VCID-7vt9-pf5q-uqb6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0594" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02712", "scoring_system": "epss", "scoring_elements": "0.85931", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.85984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.85957", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.85968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.8602", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86025", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86027", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86013", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02761", "scoring_system": "epss", "scoring_elements": "0.86003", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-b138.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2018-b138.html" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000301.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000301.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html" }, { "reference_url": "https://usn.ubuntu.com/3598-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-2/" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4202" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/104225", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104225" }, { "reference_url": "http://www.securitytracker.com/id/1040931", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575536", "reference_id": "1575536", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575536" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856", "reference_id": "898856", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856" }, { "reference_url": "https://security.archlinux.org/ASA-201805-13", "reference_id": "ASA-201805-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-13" }, { "reference_url": "https://security.archlinux.org/ASA-201805-14", "reference_id": "ASA-201805-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-14" }, { "reference_url": "https://security.archlinux.org/ASA-201805-15", "reference_id": "ASA-201805-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-15" }, { "reference_url": "https://security.archlinux.org/ASA-201805-16", "reference_id": "ASA-201805-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-16" }, { "reference_url": "https://security.archlinux.org/ASA-201805-17", "reference_id": "ASA-201805-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-17" }, { "reference_url": "https://security.archlinux.org/ASA-201805-18", "reference_id": "ASA-201805-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-18" }, { "reference_url": "https://security.archlinux.org/AVG-694", "reference_id": "AVG-694", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-694" }, { "reference_url": "https://security.archlinux.org/AVG-695", "reference_id": "AVG-695", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-695" }, { "reference_url": "https://security.archlinux.org/AVG-696", "reference_id": "AVG-696", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-696" }, { "reference_url": "https://security.archlinux.org/AVG-697", "reference_id": "AVG-697", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-697" }, { "reference_url": "https://security.archlinux.org/AVG-698", "reference_id": "AVG-698", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-698" }, { "reference_url": "https://security.archlinux.org/AVG-699", "reference_id": "AVG-699", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-699" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301", "reference_id": "CVE-2018-1000301", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301" }, { "reference_url": "https://security.gentoo.org/glsa/201806-05", "reference_id": "GLSA-201806-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201806-05" }, { "reference_url": "https://usn.ubuntu.com/3648-1/", "reference_id": "USN-3648-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3648-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000301" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vt9-pf5q-uqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34691?format=api", "vulnerability_id": "VCID-7xxh-66ys-4bhw", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83461", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.8356", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83529", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83488", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83487", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83511", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83521", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01968", "scoring_system": "epss", "scoring_elements": "0.83535", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419" }, { "reference_url": "https://curl.se/docs/CVE-2016-5419.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5419.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183", "reference_id": "1362183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-5419" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xxh-66ys-4bhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59713?format=api", "vulnerability_id": "VCID-ae59-w7a1-7keg", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01178", "scoring_system": "epss", "scoring_elements": "0.78736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01178", "scoring_system": "epss", "scoring_elements": "0.78727", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01318", "scoring_system": "epss", "scoring_elements": "0.79891", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80036", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80043", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80064", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80053", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80081", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80089", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01348", "scoring_system": "epss", "scoring_elements": "0.80109", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254" }, { "reference_url": "https://curl.haxx.se/673d0cd8.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/673d0cd8.patch" }, { "reference_url": "https://curl.haxx.se/docs/adv_20171004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20171004.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000254.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000254.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://support.apple.com/HT208331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208331" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "http://www.securityfocus.com/bid/101115", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101115" }, { "reference_url": "http://www.securitytracker.com/id/1039509", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039509" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541", "reference_id": "1495541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671", "reference_id": "877671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671" }, { "reference_url": "https://security.archlinux.org/ASA-201710-2", "reference_id": "ASA-201710-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-2" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://security.archlinux.org/AVG-422", "reference_id": "AVG-422", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-422" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000254", "reference_id": "CVE-2017-1000254", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000254" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000254" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ae59-w7a1-7keg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34689?format=api", "vulnerability_id": "VCID-b2ef-zj3u-rbhy", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://curl.haxx.se/docs/adv_20160127A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://curl.haxx.se/docs/adv_20160127A.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html" }, { "reference_url": "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61492", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61452", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61326", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61447", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61463", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61484", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0755" }, { "reference_url": "https://curl.se/docs/CVE-2016-0755.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-0755.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755" }, { "reference_url": "https://support.apple.com/HT207170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT207170" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3455", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3455" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/82307", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82307" }, { "reference_url": "http://www.securitytracker.com/id/1034882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034882" }, { "reference_url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2882-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2882-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302263", "reference_id": "1302263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302263" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0755", "reference_id": "CVE-2016-0755", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0755" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/2882-1/", "reference_id": "USN-2882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-0755" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2ef-zj3u-rbhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34693?format=api", "vulnerability_id": "VCID-bgtv-jrna-9yb3", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5421.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5421.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79647", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79723", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79702", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79695", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79675", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79661", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.7969", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.79718", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5421" }, { "reference_url": "https://curl.se/docs/CVE-2016-5421.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5421.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362199", "reference_id": "1362199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362199" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-5421" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgtv-jrna-9yb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59715?format=api", "vulnerability_id": "VCID-bhvd-ntxz-dkg4", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63733", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63829", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63846", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.6386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63812", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8816" }, { "reference_url": "https://curl.haxx.se/docs/adv_2017-12e7.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2017-12e7.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-8816.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8816.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817" }, { "reference_url": "http://security.cucumberlinux.com/security/details.php?id=161", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.cucumberlinux.com/security/details.php?id=161" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4051" }, { "reference_url": "http://www.securityfocus.com/bid/101998", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101998" }, { "reference_url": "http://www.securitytracker.com/id/1039896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039896" }, { "reference_url": "http://www.securitytracker.com/id/1040608", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040608" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515757", "reference_id": "1515757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515757" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-527", "reference_id": "AVG-527", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-527" }, { "reference_url": "https://security.archlinux.org/AVG-528", "reference_id": "AVG-528", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-528" }, { "reference_url": "https://security.archlinux.org/AVG-529", "reference_id": "AVG-529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-529" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816", "reference_id": "CVE-2017-8816", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3498-1/", "reference_id": "USN-3498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-8816" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bhvd-ntxz-dkg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49701?format=api", "vulnerability_id": "VCID-bv57-gvfs-qfhj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86848", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86919", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86877", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.869", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86913", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86908", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03154", "scoring_system": "epss", "scoring_elements": "0.86902", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000121" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000121.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000121.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552631", "reference_id": "1552631", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552631" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000121" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv57-gvfs-qfhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34704?format=api", "vulnerability_id": "VCID-c6dk-7gj6-7far", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74617", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74699", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74621", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74647", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74653", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74667", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.7469", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.7467", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74662", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8623" }, { "reference_url": "https://curl.se/docs/CVE-2016-8623.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8623.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388388", "reference_id": "1388388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388388" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8623" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6dk-7gj6-7far" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49702?format=api", "vulnerability_id": "VCID-cbph-fu9d-gbah", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83368", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.8347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83381", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83396", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.8342", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.8343", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83439", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01942", "scoring_system": "epss", "scoring_elements": "0.83435", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000122" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000122.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000122.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", "reference_id": "1553398", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553398" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000122" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbph-fu9d-gbah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15716?format=api", "vulnerability_id": "VCID-dgtq-eaav-jyhf", "summary": "Out-of-bounds Write\nA buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3157", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0544", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0594", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0594" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81402", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81302", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81312", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81334", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81361", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81387", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81372", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0154", "scoring_system": "epss", "scoring_elements": "0.81365", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000120" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-9cd6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://curl.haxx.se/docs/adv_2018-9cd6.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/coapp-packages/curl", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/coapp-packages/curl" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html" }, { "reference_url": "https://usn.ubuntu.com/3598-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3598-1" }, { "reference_url": "https://usn.ubuntu.com/3598-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-1/" }, { "reference_url": "https://usn.ubuntu.com/3598-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3598-2" }, { "reference_url": "https://usn.ubuntu.com/3598-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-2/" }, { "reference_url": "https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531" }, { "reference_url": "https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4136", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4136" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", "reference_id": "1552628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", "reference_id": "CVE-2018-1000120", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000120.html", "reference_id": "CVE-2018-1000120.HTML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000120.html" }, { "reference_url": "https://github.com/advisories/GHSA-674j-7m97-j2p9", "reference_id": "GHSA-674j-7m97-j2p9", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-674j-7m97-j2p9" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-1000120", "GHSA-674j-7m97-j2p9" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgtq-eaav-jyhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34705?format=api", "vulnerability_id": "VCID-e58m-g37d-9fd6", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80023", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80102", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.8003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80042", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80069", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80098", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80082", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80073", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624" }, { "reference_url": "https://curl.se/docs/CVE-2016-8624.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8624.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390", "reference_id": "1388390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8624" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e58m-g37d-9fd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49713?format=api", "vulnerability_id": "VCID-fp65-97n1-xuaj", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow attackers to bypass intended restrictions.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76442", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.7654", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76475", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76457", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76527", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.765", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000100" }, { "reference_url": "https://curl.haxx.se/docs/adv_20170809B.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20170809B.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000100.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000100.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.5", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:P/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/HT208221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208221" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "http://www.securityfocus.com/bid/100286", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100286" }, { "reference_url": "http://www.securitytracker.com/id/1039118", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478310", "reference_id": "1478310", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478310" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555", "reference_id": "871555", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100", "reference_id": "CVE-2017-1000100", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000100" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fp65-97n1-xuaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34701?format=api", "vulnerability_id": "VCID-j2cq-q3r9-jfcp", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74253", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74306", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74258", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74284", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.7429", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74305", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8620" }, { "reference_url": "https://curl.se/docs/CVE-2016-8620.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8620.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388382", "reference_id": "1388382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388382" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8620" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j2cq-q3r9-jfcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59714?format=api", "vulnerability_id": "VCID-j2qx-np45-4qdu", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75327", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76996", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77017", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76991", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77876", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80545", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80584", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80574", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000257" }, { "reference_url": "https://curl.haxx.se/docs/adv_20171023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_20171023.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000257.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000257.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:P/A:P" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2017/dsa-4007", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-4007" }, { "reference_url": "http://www.securityfocus.com/bid/101519", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101519" }, { "reference_url": "http://www.securitytracker.com/id/1039644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039644" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503705", "reference_id": "1503705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503705" }, { "reference_url": "https://security.archlinux.org/ASA-201711-10", "reference_id": "ASA-201711-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-10" }, { "reference_url": "https://security.archlinux.org/ASA-201711-11", "reference_id": "ASA-201711-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-11" }, { "reference_url": "https://security.archlinux.org/ASA-201711-6", "reference_id": "ASA-201711-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-6" }, { "reference_url": "https://security.archlinux.org/ASA-201711-7", "reference_id": "ASA-201711-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-7" }, { "reference_url": "https://security.archlinux.org/ASA-201711-8", "reference_id": "ASA-201711-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-8" }, { "reference_url": "https://security.archlinux.org/ASA-201711-9", "reference_id": "ASA-201711-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-9" }, { "reference_url": "https://security.archlinux.org/AVG-462", "reference_id": "AVG-462", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-462" }, { "reference_url": "https://security.archlinux.org/AVG-463", "reference_id": "AVG-463", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-463" }, { "reference_url": "https://security.archlinux.org/AVG-464", "reference_id": "AVG-464", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-464" }, { "reference_url": "https://security.archlinux.org/AVG-465", "reference_id": "AVG-465", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-465" }, { "reference_url": "https://security.archlinux.org/AVG-466", "reference_id": "AVG-466", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-466" }, { "reference_url": "https://security.archlinux.org/AVG-467", "reference_id": "AVG-467", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-467" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257", "reference_id": "CVE-2017-1000257", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3263", "reference_id": "RHSA-2017:3263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3263" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" }, { "reference_url": "https://usn.ubuntu.com/3457-1/", "reference_id": "USN-3457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3457-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-1000257" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j2qx-np45-4qdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34692?format=api", "vulnerability_id": "VCID-jeqg-g3en-5udw", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77847", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77906", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77864", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77896", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77923", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420" }, { "reference_url": "https://curl.se/docs/CVE-2016-5420.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5420.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190", "reference_id": "1362190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-5420" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jeqg-g3en-5udw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34702?format=api", "vulnerability_id": "VCID-jqqf-gmd3-ubcd", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84539", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84576", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.8458", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84627", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84622", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0226", "scoring_system": "epss", "scoring_elements": "0.84617", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8621" }, { "reference_url": "https://curl.se/docs/CVE-2016-8621.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8621.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388385", "reference_id": "1388385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388385" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8621" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jqqf-gmd3-ubcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34700?format=api", "vulnerability_id": "VCID-jtw4-af4y-nkbk", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86359", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86441", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.8637", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86387", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86418", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86432", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.8643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86425", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619" }, { "reference_url": "https://curl.se/docs/CVE-2016-8619.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8619.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379", "reference_id": "1388379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8619" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtw4-af4y-nkbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39487?format=api", "vulnerability_id": "VCID-tmv3-fzje-sbck", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82244", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82137", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.8215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82172", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82168", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82202", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82221", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82214", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82208", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3148" }, { "reference_url": "https://curl.se/docs/CVE-2015-3148.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3148.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351", "reference_id": "1213351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571359?format=api", "purl": "pkg:deb/debian/curl@7.26.0-1%2Bwheezy13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-4mk9-5buz-puh5" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-87qu-j64w-p7fj" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdrx-sm6b-sken" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c2na-7q9e-47am" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-dzzd-afgu-3fcy" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-eer3-29q8-sbgq" }, { "vulnerability": "VCID-ekav-zg3k-v3ea" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-gwb6-rf4r-d3b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-prff-34kh-kbat" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-sknq-8mm1-6qfe" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-z49y-v1gh-h7gj" }, { "vulnerability": "VCID-z8h3-fdj8-xuaa" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3148" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tmv3-fzje-sbck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34696?format=api", "vulnerability_id": "VCID-vxpj-xygq-9be2", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84774", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.8487", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.8481", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84832", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84839", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84849", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615" }, { "reference_url": "https://curl.se/docs/CVE-2016-8615.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8615.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370", "reference_id": "1388370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8615" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxpj-xygq-9be2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34699?format=api", "vulnerability_id": "VCID-vyk2-s5ut-ubbz", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.81967", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82068", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.81997", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82024", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82031", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82051", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.8204", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82033", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.81978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01654", "scoring_system": "epss", "scoring_elements": "0.82001", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618" }, { "reference_url": "https://curl.se/docs/CVE-2016-8618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8618.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378", "reference_id": "1388378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8618" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vyk2-s5ut-ubbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59717?format=api", "vulnerability_id": "VCID-wrh2-77dv-hbdz", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74905", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74919", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74941", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.74918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00852", "scoring_system": "epss", "scoring_elements": "0.7491", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76325", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76291", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00981", "scoring_system": "epss", "scoring_elements": "0.76812", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8817" }, { "reference_url": "https://curl.haxx.se/docs/adv_2017-ae72.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://curl.haxx.se/docs/adv_2017-ae72.html" }, { "reference_url": "https://curl.se/docs/CVE-2017-8817.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8817.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817" }, { "reference_url": "http://security.cucumberlinux.com/security/details.php?id=162", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.cucumberlinux.com/security/details.php?id=162" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4051" }, { "reference_url": "http://www.securityfocus.com/bid/102057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102057" }, { "reference_url": "http://www.securitytracker.com/id/1039897", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515760", "reference_id": "1515760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515760" }, { "reference_url": "https://security.archlinux.org/ASA-201711-33", "reference_id": "ASA-201711-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-33" }, { "reference_url": "https://security.archlinux.org/ASA-201711-34", "reference_id": "ASA-201711-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-34" }, { "reference_url": "https://security.archlinux.org/ASA-201711-35", "reference_id": "ASA-201711-35", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-35" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-524", "reference_id": "AVG-524", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-524" }, { "reference_url": "https://security.archlinux.org/AVG-525", "reference_id": "AVG-525", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-525" }, { "reference_url": "https://security.archlinux.org/AVG-526", "reference_id": "AVG-526", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-526" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817", "reference_id": "CVE-2017-8817", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3498-1/", "reference_id": "USN-3498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-1/" }, { "reference_url": "https://usn.ubuntu.com/3498-2/", "reference_id": "USN-3498-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037833?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2" } ], "aliases": [ "CVE-2017-8817" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wrh2-77dv-hbdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39484?format=api", "vulnerability_id": "VCID-xspf-45t1-2uhf", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which can allow remote attackers to cause Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.8757", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.875", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.8751", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87526", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87545", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87552", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87559", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03475", "scoring_system": "epss", "scoring_elements": "0.87556", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3143" }, { "reference_url": "https://curl.se/docs/CVE-2015-3143.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3143.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306", "reference_id": "1213306", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571359?format=api", "purl": "pkg:deb/debian/curl@7.26.0-1%2Bwheezy13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-4mk9-5buz-puh5" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-87qu-j64w-p7fj" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdrx-sm6b-sken" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c2na-7q9e-47am" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-dzzd-afgu-3fcy" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-eer3-29q8-sbgq" }, { "vulnerability": "VCID-ekav-zg3k-v3ea" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-gwb6-rf4r-d3b2" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-prff-34kh-kbat" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-sknq-8mm1-6qfe" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-z49y-v1gh-h7gj" }, { "vulnerability": "VCID-z8h3-fdj8-xuaa" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2015-3143" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xspf-45t1-2uhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34698?format=api", "vulnerability_id": "VCID-zxz2-xfpd-pbay", "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n which could allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19573", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19482", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19763", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19488", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19567", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19619", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19575", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19517", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8617" }, { "reference_url": "https://curl.se/docs/CVE-2016-8617.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8617.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388377", "reference_id": "1388377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388377" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035754?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-26ju-84rx-c7b9" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-36n6-qanf-nue8" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5jan-pqf6-fyhr" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6muy-xpdq-9kg8" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7c8e-eaqy-akeu" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-7xxh-66ys-4bhw" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-a3v7-ptf1-6qgd" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-b2ef-zj3u-rbhy" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bgtv-jrna-9yb3" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-c6dk-7gj6-7far" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-e58m-g37d-9fd6" }, { "vulnerability": "VCID-eap9-v2gp-fqgh" }, { "vulnerability": "VCID-fnj3-2du1-4bhx" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2cq-q3r9-jfcp" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jeqg-g3en-5udw" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-jqqf-gmd3-ubcd" }, { "vulnerability": "VCID-jtw4-af4y-nkbk" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-k8kj-q1je-f7bt" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-q3hu-8uy5-e3a4" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-qka4-jfdb-w3d5" }, { "vulnerability": "VCID-r447-deb8-2ydj" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tmv3-fzje-sbck" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-vxpj-xygq-9be2" }, { "vulnerability": "VCID-vyk2-s5ut-ubbz" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wh98-pw9h-cyfx" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xspf-45t1-2uhf" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yubp-g4rt-c3e6" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" }, { "vulnerability": "VCID-yxks-8529-23bj" }, { "vulnerability": "VCID-zxz2-xfpd-pbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037113?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k8f-qgcv-xkhb" }, { "vulnerability": "VCID-1mf9-u8y1-zbb1" }, { "vulnerability": "VCID-29n1-4u2b-tkgj" }, { "vulnerability": "VCID-2b39-ubrt-hkc6" }, { "vulnerability": "VCID-2xmp-jc8v-bucb" }, { "vulnerability": "VCID-3sy2-4f3g-zkac" }, { "vulnerability": "VCID-47qb-2qkw-1qej" }, { "vulnerability": "VCID-5n7a-9j23-e7dj" }, { "vulnerability": "VCID-6yb7-t8qs-cbch" }, { "vulnerability": "VCID-75nw-4e2d-zqgg" }, { "vulnerability": "VCID-79sv-kzb5-hbc4" }, { "vulnerability": "VCID-7srk-hshe-h3f4" }, { "vulnerability": "VCID-7vt9-pf5q-uqb6" }, { "vulnerability": "VCID-9cbd-x468-rkaw" }, { "vulnerability": "VCID-9ggp-5wfj-ufcq" }, { "vulnerability": "VCID-9nak-pscy-e7gs" }, { "vulnerability": "VCID-ac6r-spds-qbf5" }, { "vulnerability": "VCID-ae59-w7a1-7keg" }, { "vulnerability": "VCID-arjz-67yz-wkg9" }, { "vulnerability": "VCID-bb2f-7qrm-1kca" }, { "vulnerability": "VCID-bdy2-8gub-tfe6" }, { "vulnerability": "VCID-bhvd-ntxz-dkg4" }, { "vulnerability": "VCID-bv57-gvfs-qfhj" }, { "vulnerability": "VCID-cbah-e86c-w3fj" }, { "vulnerability": "VCID-cbph-fu9d-gbah" }, { "vulnerability": "VCID-cp4n-p2z3-43b4" }, { "vulnerability": "VCID-dgtq-eaav-jyhf" }, { "vulnerability": "VCID-dhrf-2sz5-3bhf" }, { "vulnerability": "VCID-drkp-q9r5-ukcm" }, { "vulnerability": "VCID-fnr7-xb26-dbez" }, { "vulnerability": "VCID-fp65-97n1-xuaj" }, { "vulnerability": "VCID-frgg-29yv-dyf7" }, { "vulnerability": "VCID-ggt7-eejg-xfb6" }, { "vulnerability": "VCID-gnx2-djyk-uyaf" }, { "vulnerability": "VCID-gv7x-j8bz-wycc" }, { "vulnerability": "VCID-hrsy-694u-2fec" }, { "vulnerability": "VCID-j2qx-np45-4qdu" }, { "vulnerability": "VCID-j5s3-rr74-nqb8" }, { "vulnerability": "VCID-jnfc-8f5d-pyh4" }, { "vulnerability": "VCID-ju6h-a1sz-f7e5" }, { "vulnerability": "VCID-krgt-drpz-y7cy" }, { "vulnerability": "VCID-ms2r-94ph-yyh3" }, { "vulnerability": "VCID-n51k-39uk-auca" }, { "vulnerability": "VCID-n57n-cymy-z7dr" }, { "vulnerability": "VCID-ph5u-5j8n-4qah" }, { "vulnerability": "VCID-q229-ag6u-u3hv" }, { "vulnerability": "VCID-qdcn-2u3v-b3cv" }, { "vulnerability": "VCID-r7bh-7wur-xffs" }, { "vulnerability": "VCID-rmez-cwu2-2ya7" }, { "vulnerability": "VCID-s73y-y7v7-43cm" }, { "vulnerability": "VCID-sh5a-fmna-wffr" }, { "vulnerability": "VCID-syz5-5y6f-s7er" }, { "vulnerability": "VCID-t1fk-cbsx-j3gh" }, { "vulnerability": "VCID-t4gn-9fw8-gkc3" }, { "vulnerability": "VCID-t8t6-9wa3-aub7" }, { "vulnerability": "VCID-tcqe-7skm-b3fz" }, { "vulnerability": "VCID-tz47-j4ey-t7g6" }, { "vulnerability": "VCID-u4bx-xqb3-vuef" }, { "vulnerability": "VCID-v3qf-6wju-1bg8" }, { "vulnerability": "VCID-vr9x-yqsd-6fc8" }, { "vulnerability": "VCID-w8ks-xk66-r3fm" }, { "vulnerability": "VCID-wrh2-77dv-hbdz" }, { "vulnerability": "VCID-wwam-tcmv-kqhc" }, { "vulnerability": "VCID-xzay-sjpy-3yce" }, { "vulnerability": "VCID-y32p-52ps-4ug4" }, { "vulnerability": "VCID-y4x5-n5m2-x7bq" }, { "vulnerability": "VCID-yvdd-ataf-ckf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10" } ], "aliases": [ "CVE-2016-8617" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxz2-xfpd-pbay" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11" }