| 0 |
| url |
VCID-18p4-rvxz-pkeu |
| vulnerability_id |
VCID-18p4-rvxz-pkeu |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.78.0 |
| purl |
pkg:generic/curl.se/curl@7.78.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 20 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 21 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 22 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 23 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 24 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 25 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 28 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 29 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 30 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 31 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 37 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 38 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 39 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 40 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 41 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 42 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 43 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 44 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 45 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 46 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 47 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 48 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 49 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 50 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 51 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 52 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 53 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 54 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0 |
|
|
| aliases |
CVE-2021-22923
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-18p4-rvxz-pkeu |
|
| 1 |
| url |
VCID-1a1k-d4ez-ybdu |
| vulnerability_id |
VCID-1a1k-d4ez-ybdu |
| summary |
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.85.0 |
| purl |
pkg:generic/curl.se/curl@7.85.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 2 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 3 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 4 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 5 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 6 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 7 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 10 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 11 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 12 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 13 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 14 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 15 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 16 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 17 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 18 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 19 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 20 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 21 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 22 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 23 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 24 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 25 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 26 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 27 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 28 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 29 |
| vulnerability |
VCID-mpuf-pp6z-q3d6 |
|
| 30 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 31 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 32 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 33 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 34 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 35 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 36 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 37 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 38 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 39 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 40 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 41 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 42 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 43 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 44 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 45 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0 |
|
|
| aliases |
CVE-2022-35252
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1a1k-d4ez-ybdu |
|
| 2 |
| url |
VCID-1dw3-33ju-jkbs |
| vulnerability_id |
VCID-1dw3-33ju-jkbs |
| summary |
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2025-0725.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/ |
|
|
| url |
https://curl.se/docs/CVE-2025-0725.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.12.0 |
| purl |
pkg:generic/curl.se/curl@8.12.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 1 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 2 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 3 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 4 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 5 |
| vulnerability |
VCID-bp56-gy66-mqae |
|
| 6 |
| vulnerability |
VCID-ezve-gc2h-qyga |
|
| 7 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 8 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 9 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 10 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 11 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 12 |
| vulnerability |
VCID-ns6z-wp2x-fkdq |
|
| 13 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 14 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 15 |
| vulnerability |
VCID-t45k-skv6-cfg2 |
|
| 16 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 17 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 18 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 19 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0 |
|
|
| aliases |
CVE-2025-0725
|
| risk_score |
1.8 |
| exploitability |
0.5 |
| weighted_severity |
3.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1dw3-33ju-jkbs |
|
| 3 |
| url |
VCID-1kpz-55f1-f7dj |
| vulnerability_id |
VCID-1kpz-55f1-f7dj |
| summary |
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.) |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://usn.ubuntu.com/3765-1/ |
| reference_id |
3765-1 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/ |
|
|
| url |
https://usn.ubuntu.com/3765-1/ |
|
| 8 |
| reference_url |
https://usn.ubuntu.com/3765-2/ |
| reference_id |
3765-2 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/ |
|
|
| url |
https://usn.ubuntu.com/3765-2/ |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.61.1 |
| purl |
pkg:generic/curl.se/curl@7.61.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 9 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 10 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 11 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 12 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 13 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 14 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 15 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 16 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 17 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 18 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 19 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 20 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 21 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 22 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 23 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 24 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 25 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 26 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 27 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 28 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 29 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 30 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 31 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 32 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 33 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 34 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 35 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 36 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 37 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 38 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 39 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 40 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 41 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 42 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 43 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 44 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 45 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 46 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 47 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 48 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 49 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 50 |
| vulnerability |
VCID-ubnn-z97k-47gw |
|
| 51 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 52 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 53 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 54 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 55 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 56 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 57 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 58 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 59 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 60 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 61 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 62 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.61.1 |
|
|
| aliases |
CVE-2018-14618
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1kpz-55f1-f7dj |
|
| 4 |
| url |
VCID-1m1w-rayk-sffe |
| vulnerability_id |
VCID-1m1w-rayk-sffe |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.78.0 |
| purl |
pkg:generic/curl.se/curl@7.78.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 20 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 21 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 22 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 23 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 24 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 25 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 28 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 29 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 30 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 31 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 37 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 38 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 39 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 40 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 41 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 42 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 43 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 44 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 45 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 46 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 47 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 48 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 49 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 50 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 51 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 52 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 53 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 54 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0 |
|
|
| aliases |
CVE-2021-22922
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1m1w-rayk-sffe |
|
| 5 |
| url |
VCID-1zsv-4jdy-63en |
| vulnerability_id |
VCID-1zsv-4jdy-63en |
| summary |
Improper Authentication
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 6 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 7 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 8 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 9 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 10 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 11 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 12 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 13 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 14 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 15 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 16 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 17 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 18 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 19 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 20 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 21 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 22 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 23 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 24 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 25 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 26 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 27 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 28 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 29 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 30 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 31 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 32 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27536
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1zsv-4jdy-63en |
|
| 6 |
| url |
VCID-21ff-tazv-9ud3 |
| vulnerability_id |
VCID-21ff-tazv-9ud3 |
| summary |
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-14524
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-21ff-tazv-9ud3 |
|
| 7 |
| url |
VCID-27bv-f11z-myak |
| vulnerability_id |
VCID-27bv-f11z-myak |
| summary |
curl: CURLOPT_SSLCERT mixup with Secure Transport |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.78.0 |
| purl |
pkg:generic/curl.se/curl@7.78.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 20 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 21 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 22 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 23 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 24 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 25 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 28 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 29 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 30 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 31 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 37 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 38 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 39 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 40 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 41 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 42 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 43 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 44 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 45 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 46 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 47 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 48 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 49 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 50 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 51 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 52 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 53 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 54 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0 |
|
|
| aliases |
CVE-2021-22926
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-27bv-f11z-myak |
|
| 8 |
|
| 9 |
| url |
VCID-3ws4-1sak-r3ck |
| vulnerability_id |
VCID-3ws4-1sak-r3ck |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://usn.ubuntu.com/3882-1/ |
| reference_id |
3882-1 |
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/ |
|
|
| url |
https://usn.ubuntu.com/3882-1/ |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.64.0 |
| purl |
pkg:generic/curl.se/curl@7.64.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 9 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 10 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 11 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 12 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 13 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 14 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 15 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 16 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 17 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 18 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 19 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 20 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 27 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 28 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 29 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 30 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 31 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 32 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 33 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 34 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 35 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 36 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 37 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 38 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 39 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 40 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 41 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 42 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 43 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 44 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 45 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 46 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 47 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 48 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 49 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 50 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 51 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 52 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 53 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 54 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 55 |
| vulnerability |
VCID-xc5k-47n9-43d6 |
|
| 56 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 57 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 58 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 59 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0 |
|
|
| aliases |
CVE-2018-16890
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3ws4-1sak-r3ck |
|
| 10 |
| url |
VCID-4hha-2z31-2bf8 |
| vulnerability_id |
VCID-4hha-2z31-2bf8 |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://usn.ubuntu.com/3805-1/ |
| reference_id |
3805-1 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/ |
|
|
| url |
https://usn.ubuntu.com/3805-1/ |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.62.0 |
| purl |
pkg:generic/curl.se/curl@7.62.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 9 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 10 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 11 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 12 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 13 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 14 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 15 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 16 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 17 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 18 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 19 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 20 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 21 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 22 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 23 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 24 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 25 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 26 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 27 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 28 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 29 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 30 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 31 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 32 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 33 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 34 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 35 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 36 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 37 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 38 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 39 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 40 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 41 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 42 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 43 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 44 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 45 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 46 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 47 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 48 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 49 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 50 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 51 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 52 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 53 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 54 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 55 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 56 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 57 |
| vulnerability |
VCID-xc5k-47n9-43d6 |
|
| 58 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 59 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 60 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 61 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.62.0 |
|
|
| aliases |
CVE-2018-16839
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4hha-2z31-2bf8 |
|
| 11 |
| url |
VCID-4zcd-rbx3-qye5 |
| vulnerability_id |
VCID-4zcd-rbx3-qye5 |
| summary |
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.66.0 |
| purl |
pkg:generic/curl.se/curl@7.66.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 15 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 16 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 17 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 18 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 19 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 20 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 21 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 22 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 23 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 24 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 25 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 26 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 27 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 28 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 31 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 32 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 33 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 34 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 35 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 36 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 37 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 38 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 39 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 40 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 41 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 42 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 43 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 44 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 45 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 46 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 47 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 48 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 49 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 50 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 51 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 52 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 53 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 54 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 55 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0 |
|
|
| aliases |
CVE-2019-5482
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4zcd-rbx3-qye5 |
|
| 12 |
| url |
VCID-58p5-pfy3-xug1 |
| vulnerability_id |
VCID-58p5-pfy3-xug1 |
| summary |
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.66.0 |
| purl |
pkg:generic/curl.se/curl@7.66.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 15 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 16 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 17 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 18 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 19 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 20 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 21 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 22 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 23 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 24 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 25 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 26 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 27 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 28 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 31 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 32 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 33 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 34 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 35 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 36 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 37 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 38 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 39 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 40 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 41 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 42 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 43 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 44 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 45 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 46 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 47 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 48 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 49 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 50 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 51 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 52 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 53 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 54 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 55 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0 |
|
|
| aliases |
CVE-2019-5443
|
| risk_score |
3.8 |
| exploitability |
0.5 |
| weighted_severity |
7.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-58p5-pfy3-xug1 |
|
| 13 |
| url |
VCID-5ujs-47hf-g7gj |
| vulnerability_id |
VCID-5ujs-47hf-g7gj |
| summary |
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.59.0 |
| purl |
pkg:generic/curl.se/curl@7.59.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 14 |
| vulnerability |
VCID-6745-tyba-33fa |
|
| 15 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 16 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 17 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 18 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 19 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 20 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 21 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 22 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 23 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 24 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 25 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 26 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 27 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 28 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 29 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 30 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 31 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 32 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 33 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 34 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 35 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 36 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 37 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 38 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 39 |
| vulnerability |
VCID-kae8-wmf2-2kf1 |
|
| 40 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 41 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 42 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 43 |
| vulnerability |
VCID-p7mn-a632-c3ag |
|
| 44 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 45 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 46 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 47 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 48 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 49 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 50 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 51 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 52 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 53 |
| vulnerability |
VCID-ubnn-z97k-47gw |
|
| 54 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 55 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 56 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 57 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 58 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 59 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 60 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 61 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 62 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 63 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 64 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 65 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0 |
|
|
| aliases |
CVE-2018-1000122
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5ujs-47hf-g7gj |
|
| 14 |
|
| 15 |
| url |
VCID-6745-tyba-33fa |
| vulnerability_id |
VCID-6745-tyba-33fa |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://usn.ubuntu.com/3648-1/ |
| reference_id |
3648-1 |
| reference_type |
|
| scores |
| 0 |
| value |
9.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/ |
|
|
| url |
https://usn.ubuntu.com/3648-1/ |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.60.0 |
| purl |
pkg:generic/curl.se/curl@7.60.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 14 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 15 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 16 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 17 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 18 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 19 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 20 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 21 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 22 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 23 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 24 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 25 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 26 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 27 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 28 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 29 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 30 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 31 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 32 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 33 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 34 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 35 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 36 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 37 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 38 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 39 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 40 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 41 |
| vulnerability |
VCID-p7mn-a632-c3ag |
|
| 42 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 43 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 44 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 45 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 46 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 47 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 48 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 49 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 50 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 51 |
| vulnerability |
VCID-ubnn-z97k-47gw |
|
| 52 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 53 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 54 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 55 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 56 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 57 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 58 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 59 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 60 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 61 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 62 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 63 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.60.0 |
|
|
| aliases |
CVE-2018-1000301
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6745-tyba-33fa |
|
| 16 |
| url |
VCID-738z-myg9-37hr |
| vulnerability_id |
VCID-738z-myg9-37hr |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.0 |
| purl |
pkg:generic/curl.se/curl@7.83.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5m9y-9y57-kqg6 |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 10 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 11 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 20 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 21 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 22 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 23 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 24 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 25 |
| vulnerability |
VCID-hb4z-s871-d7ck |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 28 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 29 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 30 |
| vulnerability |
VCID-mqzd-mcw5-s3h6 |
|
| 31 |
| vulnerability |
VCID-mray-vkqx-5ka7 |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 37 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 38 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 39 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 40 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 41 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 42 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 43 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 44 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 45 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 46 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 47 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 48 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 49 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 50 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 51 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 52 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0 |
|
|
| aliases |
CVE-2022-27774
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-738z-myg9-37hr |
|
| 17 |
| url |
VCID-7wqd-99h2-e7hk |
| vulnerability_id |
VCID-7wqd-99h2-e7hk |
| summary |
When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally disable the feature for other threads as well. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-14017
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7wqd-99h2-e7hk |
|
| 18 |
| url |
VCID-7yvu-s3p2-sfhc |
| vulnerability_id |
VCID-7yvu-s3p2-sfhc |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.79.0 |
| purl |
pkg:generic/curl.se/curl@7.79.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 12 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 13 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 14 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 15 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 16 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 17 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 18 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 19 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 20 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 21 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 22 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 23 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 24 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 25 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 26 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 27 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 28 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 29 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 30 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 31 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 32 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 33 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 34 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 35 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 36 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 37 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 38 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 39 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 40 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 41 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 42 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 43 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 44 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 45 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 46 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 47 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 48 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 49 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 50 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 51 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0 |
|
|
| aliases |
CVE-2021-22947
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7yvu-s3p2-sfhc |
|
| 19 |
| url |
VCID-a58z-fu87-9ybs |
| vulnerability_id |
VCID-a58z-fu87-9ybs |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.77.0 |
| purl |
pkg:generic/curl.se/curl@7.77.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 10 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 11 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 12 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 13 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 14 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 15 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 16 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 17 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 18 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 19 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 20 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 27 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 28 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 29 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 30 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 31 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 32 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 33 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 34 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 35 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 36 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 37 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 38 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 39 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 40 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 41 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 42 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 43 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 44 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 45 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 46 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 47 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 48 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 49 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 50 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 51 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 52 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 53 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 54 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 55 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 56 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 57 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 58 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 59 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.77.0 |
|
|
| aliases |
CVE-2021-22898
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a58z-fu87-9ybs |
|
| 20 |
| url |
VCID-a8z6-bswu-jue8 |
| vulnerability_id |
VCID-a8z6-bswu-jue8 |
| summary |
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.1.0 |
| purl |
pkg:generic/curl.se/curl@8.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 8 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 9 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 10 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 11 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 12 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 13 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 14 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 15 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 16 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 17 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 18 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 19 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 20 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 21 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 22 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 23 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 24 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 25 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 26 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 27 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 28 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0 |
|
|
| aliases |
CVE-2023-28320
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a8z6-bswu-jue8 |
|
| 21 |
| url |
VCID-am31-t2h3-zbgw |
| vulnerability_id |
VCID-am31-t2h3-zbgw |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.78.0 |
| purl |
pkg:generic/curl.se/curl@7.78.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 20 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 21 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 22 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 23 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 24 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 25 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 28 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 29 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 30 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 31 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 37 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 38 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 39 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 40 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 41 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 42 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 43 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 44 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 45 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 46 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 47 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 48 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 49 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 50 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 51 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 52 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 53 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 54 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0 |
|
|
| aliases |
CVE-2021-22925
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-am31-t2h3-zbgw |
|
| 22 |
| url |
VCID-azcz-b8f2-63be |
| vulnerability_id |
VCID-azcz-b8f2-63be |
| summary |
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 6 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 7 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 8 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 9 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 10 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 11 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 12 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 13 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 14 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 15 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 16 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 17 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 18 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 19 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 20 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 21 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 22 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 23 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 24 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 25 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 26 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 27 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 28 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 29 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 30 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 31 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 32 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27533
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-azcz-b8f2-63be |
|
| 23 |
| url |
VCID-bb6v-z8yg-6fe3 |
| vulnerability_id |
VCID-bb6v-z8yg-6fe3 |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://usn.ubuntu.com/3882-1/ |
| reference_id |
3882-1 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/ |
|
|
| url |
https://usn.ubuntu.com/3882-1/ |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.64.0 |
| purl |
pkg:generic/curl.se/curl@7.64.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 9 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 10 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 11 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 12 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 13 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 14 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 15 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 16 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 17 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 18 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 19 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 20 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 27 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 28 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 29 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 30 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 31 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 32 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 33 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 34 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 35 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 36 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 37 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 38 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 39 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 40 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 41 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 42 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 43 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 44 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 45 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 46 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 47 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 48 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 49 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 50 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 51 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 52 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 53 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 54 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 55 |
| vulnerability |
VCID-xc5k-47n9-43d6 |
|
| 56 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 57 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 58 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 59 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0 |
|
|
| aliases |
CVE-2019-3823
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bb6v-z8yg-6fe3 |
|
| 24 |
|
| 25 |
| url |
VCID-bx2m-n5ft-3be8 |
| vulnerability_id |
VCID-bx2m-n5ft-3be8 |
| summary |
Improper Authentication
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 6 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 7 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 8 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 9 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 10 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 11 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 12 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 13 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 14 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 15 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 16 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 17 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 18 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 19 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 20 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 21 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 22 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 23 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 24 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 25 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 26 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 27 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 28 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 29 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 30 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 31 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 32 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27535
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bx2m-n5ft-3be8 |
|
| 26 |
| url |
VCID-cdzf-3ydt-8bdk |
| vulnerability_id |
VCID-cdzf-3ydt-8bdk |
| summary |
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.86.0 |
| purl |
pkg:generic/curl.se/curl@7.86.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 2 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 3 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 4 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 5 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 6 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 7 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 10 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 11 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 12 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 13 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 14 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 15 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 16 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 17 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 18 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 19 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 20 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 21 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 22 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 23 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 24 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 25 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 26 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 27 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 28 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 29 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 30 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 31 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 32 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 33 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 34 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 35 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 36 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 37 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 38 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 39 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 40 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 41 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0 |
|
|
| aliases |
CVE-2022-32221
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cdzf-3ydt-8bdk |
|
| 27 |
| url |
VCID-cfry-nx5h-kudv |
| vulnerability_id |
VCID-cfry-nx5h-kudv |
| summary |
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.88.0 |
| purl |
pkg:generic/curl.se/curl@7.88.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 2 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 3 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 4 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 5 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 6 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 7 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 8 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 9 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 10 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 11 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 12 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 13 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 14 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 15 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 16 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 17 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 18 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 19 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 20 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 21 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 22 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 23 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 24 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 25 |
| vulnerability |
VCID-kvmd-97y1-tbcz |
|
| 26 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 27 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 28 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 29 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 30 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 31 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 32 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 33 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 34 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 35 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 36 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 37 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 38 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0 |
|
|
| aliases |
CVE-2023-23916
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cfry-nx5h-kudv |
|
| 28 |
| url |
VCID-f7n8-zzhz-fuc8 |
| vulnerability_id |
VCID-f7n8-zzhz-fuc8 |
| summary |
Improper Certificate Validation
curl is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.74.0 |
| purl |
pkg:generic/curl.se/curl@7.74.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 10 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 11 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 12 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 13 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 14 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 15 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 16 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 17 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 18 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 19 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 20 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 27 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 28 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 31 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 32 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 33 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 34 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 35 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 36 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 37 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 38 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 39 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 40 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 41 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 42 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 43 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 44 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 45 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 46 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 47 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 48 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 49 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 50 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 51 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 52 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 53 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 54 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 55 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 56 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0 |
|
|
| aliases |
CVE-2020-8286
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f7n8-zzhz-fuc8 |
|
| 29 |
|
| 30 |
| url |
VCID-fhc8-r8gv-bugj |
| vulnerability_id |
VCID-fhc8-r8gv-bugj |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
| reference_url |
https://curl.se/docs/CVE-2021-22876.html |
| reference_id |
CVE-2021-22876.HTML |
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/ |
|
|
| url |
https://curl.se/docs/CVE-2021-22876.html |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.76.0 |
| purl |
pkg:generic/curl.se/curl@7.76.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 9 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 10 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 11 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 12 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 13 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 14 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 15 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 16 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 17 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 18 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 19 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 20 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 21 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 22 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 23 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 24 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 25 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 26 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 27 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 28 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 31 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 32 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 33 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 34 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 35 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 36 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 37 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 38 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 39 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 40 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 41 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 42 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 43 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 44 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 45 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 46 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 47 |
| vulnerability |
VCID-vgap-k5zw-9qbn |
|
| 48 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 49 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 50 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 51 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 52 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 53 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 54 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 55 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 56 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 57 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.76.0 |
|
|
| aliases |
CVE-2021-22876
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fhc8-r8gv-bugj |
|
| 31 |
| url |
VCID-g4n9-kg3s-pfcr |
| vulnerability_id |
VCID-g4n9-kg3s-pfcr |
| summary |
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.1.0 |
| purl |
pkg:generic/curl.se/curl@8.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 8 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 9 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 10 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 11 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 12 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 13 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 14 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 15 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 16 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 17 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 18 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 19 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 20 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 21 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 22 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 23 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 24 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 25 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 26 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 27 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 28 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0 |
|
|
| aliases |
CVE-2023-28321
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g4n9-kg3s-pfcr |
|
| 32 |
|
| 33 |
| url |
VCID-gud1-yg9u-zyfp |
| vulnerability_id |
VCID-gud1-yg9u-zyfp |
| summary |
Use After Free
Due to use of a dangling pointer, libcurl can use the wrong connection when sending data. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.72.0 |
| purl |
pkg:generic/curl.se/curl@7.72.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 14 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 15 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 16 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 17 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 18 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 19 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 20 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 21 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 22 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 23 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 24 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 25 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 26 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 27 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 28 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 29 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 30 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 31 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 32 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 33 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 34 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 35 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 36 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 37 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 38 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 39 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 40 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 41 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 42 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 43 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 44 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 45 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 46 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 47 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 48 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 49 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 50 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 51 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 52 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 53 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 54 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 55 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 56 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 57 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.72.0 |
|
|
| aliases |
CVE-2020-8231
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gud1-yg9u-zyfp |
|
| 34 |
| url |
VCID-gueb-wzpx-ufb2 |
| vulnerability_id |
VCID-gueb-wzpx-ufb2 |
| summary |
Improper Authentication
An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 6 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 7 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 8 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 9 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 10 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 11 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 12 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 13 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 14 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 15 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 16 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 17 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 18 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 19 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 20 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 21 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 22 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 23 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 24 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 25 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 26 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 27 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 28 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 29 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 30 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 31 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 32 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27538
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gueb-wzpx-ufb2 |
|
| 35 |
| url |
VCID-h6xj-mys4-pucf |
| vulnerability_id |
VCID-h6xj-mys4-pucf |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2020-8177.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/ |
|
|
| url |
https://curl.se/docs/CVE-2020-8177.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.71.0 |
| purl |
pkg:generic/curl.se/curl@7.71.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 14 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 15 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 16 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 17 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 18 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 19 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 20 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 21 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 22 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 23 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 24 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 25 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 26 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 27 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 28 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 31 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 32 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 33 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 34 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 35 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 36 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 37 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 38 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 39 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 40 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 41 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 42 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 43 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 44 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 45 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 46 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 47 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 48 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 49 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 50 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 51 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 52 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 53 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 54 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 55 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 56 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 57 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 58 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.71.0 |
|
|
| aliases |
CVE-2020-8177
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h6xj-mys4-pucf |
|
| 36 |
|
| 37 |
| url |
VCID-j688-cyfg-p7gu |
| vulnerability_id |
VCID-j688-cyfg-p7gu |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.0 |
| purl |
pkg:generic/curl.se/curl@7.83.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5m9y-9y57-kqg6 |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 10 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 11 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 20 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 21 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 22 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 23 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 24 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 25 |
| vulnerability |
VCID-hb4z-s871-d7ck |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 28 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 29 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 30 |
| vulnerability |
VCID-mqzd-mcw5-s3h6 |
|
| 31 |
| vulnerability |
VCID-mray-vkqx-5ka7 |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 37 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 38 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 39 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 40 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 41 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 42 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 43 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 44 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 45 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 46 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 47 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 48 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 49 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 50 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 51 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 52 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0 |
|
|
| aliases |
CVE-2022-22576
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j688-cyfg-p7gu |
|
| 38 |
| url |
VCID-jnq1-hk6d-b3a3 |
| vulnerability_id |
VCID-jnq1-hk6d-b3a3 |
| summary |
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2024-2398.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-2398.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.7.0 |
| purl |
pkg:generic/curl.se/curl@8.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-85ne-e7gm-5ua9 |
|
| 8 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 9 |
| vulnerability |
VCID-bp56-gy66-mqae |
|
| 10 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 11 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 12 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 13 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 14 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 15 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 16 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 17 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 18 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 19 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 20 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 21 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 22 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 23 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.0 |
|
|
| aliases |
CVE-2024-2398
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jnq1-hk6d-b3a3 |
|
| 39 |
| url |
VCID-kae8-wmf2-2kf1 |
| vulnerability_id |
VCID-kae8-wmf2-2kf1 |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.60.0 |
| purl |
pkg:generic/curl.se/curl@7.60.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 14 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 15 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 16 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 17 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 18 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 19 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 20 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 21 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 22 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 23 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 24 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 25 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 26 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 27 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 28 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 29 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 30 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 31 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 32 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 33 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 34 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 35 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 36 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 37 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 38 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 39 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 40 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 41 |
| vulnerability |
VCID-p7mn-a632-c3ag |
|
| 42 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 43 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 44 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 45 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 46 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 47 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 48 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 49 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 50 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 51 |
| vulnerability |
VCID-ubnn-z97k-47gw |
|
| 52 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 53 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 54 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 55 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 56 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 57 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 58 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 59 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 60 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 61 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 62 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 63 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.60.0 |
|
|
| aliases |
CVE-2018-1000300
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kae8-wmf2-2kf1 |
|
| 40 |
| url |
VCID-kkrm-dj79-4ucj |
| vulnerability_id |
VCID-kkrm-dj79-4ucj |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.0 |
| purl |
pkg:generic/curl.se/curl@7.83.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5m9y-9y57-kqg6 |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 10 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 11 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 20 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 21 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 22 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 23 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 24 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 25 |
| vulnerability |
VCID-hb4z-s871-d7ck |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 28 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 29 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 30 |
| vulnerability |
VCID-mqzd-mcw5-s3h6 |
|
| 31 |
| vulnerability |
VCID-mray-vkqx-5ka7 |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 37 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 38 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 39 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 40 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 41 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 42 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 43 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 44 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 45 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 46 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 47 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 48 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 49 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 50 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 51 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 52 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0 |
|
|
| aliases |
CVE-2022-27776
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kkrm-dj79-4ucj |
|
| 41 |
| url |
VCID-kq38-7s5x-nqaz |
| vulnerability_id |
VCID-kq38-7s5x-nqaz |
| summary |
libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2024-7264.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-7264.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.9.1 |
| purl |
pkg:generic/curl.se/curl@8.9.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 8 |
| vulnerability |
VCID-bp56-gy66-mqae |
|
| 9 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 10 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 11 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 12 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 13 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 14 |
| vulnerability |
VCID-ns6z-wp2x-fkdq |
|
| 15 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 16 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 17 |
| vulnerability |
VCID-t45k-skv6-cfg2 |
|
| 18 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 19 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 20 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 21 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 22 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 23 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.9.1 |
|
|
| aliases |
CVE-2024-7264
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kq38-7s5x-nqaz |
|
| 42 |
| url |
VCID-msd2-35g9-nyd2 |
| vulnerability_id |
VCID-msd2-35g9-nyd2 |
| summary |
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2020-8284.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/ |
|
|
| url |
https://curl.se/docs/CVE-2020-8284.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.74.0 |
| purl |
pkg:generic/curl.se/curl@7.74.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 10 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 11 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 12 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 13 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 14 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 15 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 16 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 17 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 18 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 19 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 20 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 27 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 28 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 31 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 32 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 33 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 34 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 35 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 36 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 37 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 38 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 39 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 40 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 41 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 42 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 43 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 44 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 45 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 46 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 47 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 48 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 49 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 50 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 51 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 52 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 53 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 54 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 55 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 56 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0 |
|
|
| aliases |
CVE-2020-8284
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-msd2-35g9-nyd2 |
|
| 43 |
| url |
VCID-p7mn-a632-c3ag |
| vulnerability_id |
VCID-p7mn-a632-c3ag |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.61.0 |
| purl |
pkg:generic/curl.se/curl@7.61.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 14 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 15 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 16 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 17 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 18 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 19 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 20 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 21 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 22 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 23 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 24 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 25 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 26 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 27 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 28 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 29 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 30 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 31 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 32 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 33 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 34 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 35 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 36 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 37 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 38 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 39 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 40 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 41 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 42 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 43 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 44 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 45 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 46 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 47 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 48 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 49 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 50 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 51 |
| vulnerability |
VCID-ubnn-z97k-47gw |
|
| 52 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 53 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 54 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 55 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 56 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 57 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 58 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 59 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 60 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 61 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 62 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 63 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.61.0 |
|
|
| aliases |
CVE-2018-0500
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p7mn-a632-c3ag |
|
| 44 |
| url |
VCID-p8vk-yf66-wbb7 |
| vulnerability_id |
VCID-p8vk-yf66-wbb7 |
| summary |
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.59.0 |
| purl |
pkg:generic/curl.se/curl@7.59.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 14 |
| vulnerability |
VCID-6745-tyba-33fa |
|
| 15 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 16 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 17 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 18 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 19 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 20 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 21 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 22 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 23 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 24 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 25 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 26 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 27 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 28 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 29 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 30 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 31 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 32 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 33 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 34 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 35 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 36 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 37 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 38 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 39 |
| vulnerability |
VCID-kae8-wmf2-2kf1 |
|
| 40 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 41 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 42 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 43 |
| vulnerability |
VCID-p7mn-a632-c3ag |
|
| 44 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 45 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 46 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 47 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 48 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 49 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 50 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 51 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 52 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 53 |
| vulnerability |
VCID-ubnn-z97k-47gw |
|
| 54 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 55 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 56 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 57 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 58 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 59 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 60 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 61 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 62 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 63 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 64 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 65 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0 |
|
|
| aliases |
CVE-2018-1000121
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p8vk-yf66-wbb7 |
|
| 45 |
| url |
VCID-p97a-kjpp-f3d8 |
| vulnerability_id |
VCID-p97a-kjpp-f3d8 |
| summary |
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 6 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 7 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 8 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 9 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 10 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 11 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 12 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 13 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 14 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 15 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 16 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 17 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 18 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 19 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 20 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 21 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 22 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 23 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 24 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 25 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 26 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 27 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 28 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 29 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 30 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 31 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 32 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27534
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p97a-kjpp-f3d8 |
|
| 46 |
| url |
VCID-q46r-7nct-s3bw |
| vulnerability_id |
VCID-q46r-7nct-s3bw |
| summary |
Out-of-bounds Write
curl is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
| reference_url |
https://curl.se/docs/CVE-2020-8285.html |
| reference_id |
CVE-2020-8285.HTML |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/ |
|
|
| url |
https://curl.se/docs/CVE-2020-8285.html |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.74.0 |
| purl |
pkg:generic/curl.se/curl@7.74.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 10 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 11 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 12 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 13 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 14 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 15 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 16 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 17 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 18 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 19 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 20 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 27 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 28 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 31 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 32 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 33 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 34 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 35 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 36 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 37 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 38 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 39 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 40 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 41 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 42 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 43 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 44 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 45 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 46 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 47 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 48 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 49 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 50 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 51 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 52 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 53 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 54 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 55 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 56 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0 |
|
|
| aliases |
CVE-2020-8285
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q46r-7nct-s3bw |
|
| 47 |
| url |
VCID-q8tg-prj1-y7b8 |
| vulnerability_id |
VCID-q8tg-prj1-y7b8 |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.79.0 |
| purl |
pkg:generic/curl.se/curl@7.79.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 12 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 13 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 14 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 15 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 16 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 17 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 18 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 19 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 20 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 21 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 22 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 23 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 24 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 25 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 26 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 27 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 28 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 29 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 30 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 31 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 32 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 33 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 34 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 35 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 36 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 37 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 38 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 39 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 40 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 41 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 42 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 43 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 44 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 45 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 46 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 47 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 48 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 49 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 50 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 51 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0 |
|
|
| aliases |
CVE-2021-22946
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q8tg-prj1-y7b8 |
|
| 48 |
| url |
VCID-qrnc-7ywu-37cz |
| vulnerability_id |
VCID-qrnc-7ywu-37cz |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://usn.ubuntu.com/3882-1/ |
| reference_id |
3882-1 |
| reference_type |
|
| scores |
| 0 |
| value |
7.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/ |
|
|
| url |
https://usn.ubuntu.com/3882-1/ |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.64.0 |
| purl |
pkg:generic/curl.se/curl@7.64.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 9 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 10 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 11 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 12 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 13 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 14 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 15 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 16 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 17 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 18 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 19 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 20 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 27 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 28 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 29 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 30 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 31 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 32 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 33 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 34 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 35 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 36 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 37 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 38 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 39 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 40 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 41 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 42 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 43 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 44 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 45 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 46 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 47 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 48 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 49 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 50 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 51 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 52 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 53 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 54 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 55 |
| vulnerability |
VCID-xc5k-47n9-43d6 |
|
| 56 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 57 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 58 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 59 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0 |
|
|
| aliases |
CVE-2019-3822
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qrnc-7ywu-37cz |
|
| 49 |
| url |
VCID-r2g9-c896-rkge |
| vulnerability_id |
VCID-r2g9-c896-rkge |
| summary |
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.87.0 |
| purl |
pkg:generic/curl.se/curl@7.87.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 2 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 3 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 4 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 5 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 6 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 7 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 10 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 11 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 12 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 13 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 14 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 15 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 16 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 17 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 18 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 19 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 20 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 21 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 22 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 23 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 24 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 25 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 26 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 27 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 28 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 29 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 30 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 31 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 32 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 33 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 34 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 35 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 36 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 37 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 38 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 39 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 40 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0 |
|
|
| aliases |
CVE-2022-43552
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r2g9-c896-rkge |
|
| 50 |
| url |
VCID-raxd-4nxj-gkhp |
| vulnerability_id |
VCID-raxd-4nxj-gkhp |
| summary |
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.58.0 |
| purl |
pkg:generic/curl.se/curl@7.58.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5ujs-47hf-g7gj |
|
| 14 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 15 |
| vulnerability |
VCID-6745-tyba-33fa |
|
| 16 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 17 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 18 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 19 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 20 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 21 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 22 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 23 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 24 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 25 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 26 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 27 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 28 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 29 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 30 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 31 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 32 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 33 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 34 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 35 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 36 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 37 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 38 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 39 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 40 |
| vulnerability |
VCID-kae8-wmf2-2kf1 |
|
| 41 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 42 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 43 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 44 |
| vulnerability |
VCID-p7mn-a632-c3ag |
|
| 45 |
| vulnerability |
VCID-p8vk-yf66-wbb7 |
|
| 46 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 47 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 48 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 49 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 50 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 51 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 52 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 53 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 54 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 55 |
| vulnerability |
VCID-tn33-re3r-yfhw |
|
| 56 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 57 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 58 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 59 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 60 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 61 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 62 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 63 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 64 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 65 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 66 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 67 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0 |
|
|
| aliases |
CVE-2018-1000005
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-raxd-4nxj-gkhp |
|
| 51 |
| url |
VCID-rt5e-saz2-j7c9 |
| vulnerability_id |
VCID-rt5e-saz2-j7c9 |
| summary |
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.58.0 |
| purl |
pkg:generic/curl.se/curl@7.58.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5ujs-47hf-g7gj |
|
| 14 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 15 |
| vulnerability |
VCID-6745-tyba-33fa |
|
| 16 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 17 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 18 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 19 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 20 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 21 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 22 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 23 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 24 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 25 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 26 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 27 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 28 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 29 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 30 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 31 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 32 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 33 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 34 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 35 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 36 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 37 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 38 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 39 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 40 |
| vulnerability |
VCID-kae8-wmf2-2kf1 |
|
| 41 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 42 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 43 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 44 |
| vulnerability |
VCID-p7mn-a632-c3ag |
|
| 45 |
| vulnerability |
VCID-p8vk-yf66-wbb7 |
|
| 46 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 47 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 48 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 49 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 50 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 51 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 52 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 53 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 54 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 55 |
| vulnerability |
VCID-tn33-re3r-yfhw |
|
| 56 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 57 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 58 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 59 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 60 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 61 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 62 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 63 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 64 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 65 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 66 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 67 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0 |
|
|
| aliases |
CVE-2018-1000007
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rt5e-saz2-j7c9 |
|
| 52 |
|
| 53 |
| url |
VCID-sutv-qt2x-2yc7 |
| vulnerability_id |
VCID-sutv-qt2x-2yc7 |
| summary |
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.1.0 |
| purl |
pkg:generic/curl.se/curl@8.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 8 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 9 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 10 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 11 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 12 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 13 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 14 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 15 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 16 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 17 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 18 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 19 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 20 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 21 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 22 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 23 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 24 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 25 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 26 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 27 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 28 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0 |
|
|
| aliases |
CVE-2023-28322
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sutv-qt2x-2yc7 |
|
| 54 |
| url |
VCID-tcxd-z7f3-kkes |
| vulnerability_id |
VCID-tcxd-z7f3-kkes |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.65.0 |
| purl |
pkg:generic/curl.se/curl@7.65.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 9 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 10 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 11 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 12 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 13 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 14 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 15 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 16 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 17 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 18 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 19 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 20 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 21 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 22 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 23 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 24 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 25 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 26 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 27 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 28 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 29 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 30 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 31 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 32 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 33 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 34 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 35 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 36 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 37 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 38 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 39 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 40 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 41 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 42 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 43 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 44 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 45 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 46 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 47 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 48 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 49 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 50 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 51 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 52 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 53 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 54 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 55 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 56 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 57 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 58 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.65.0 |
|
|
| aliases |
CVE-2019-5436
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tcxd-z7f3-kkes |
|
| 55 |
| url |
VCID-td39-d3tf-vkhc |
| vulnerability_id |
VCID-td39-d3tf-vkhc |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.78.0 |
| purl |
pkg:generic/curl.se/curl@7.78.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 15 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 16 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 17 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 18 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 19 |
| vulnerability |
VCID-cjyz-fdnv-b3g4 |
|
| 20 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 21 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 22 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 23 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 24 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 25 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 26 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 27 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 28 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 29 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 30 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 31 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 32 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 33 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 34 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 35 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 36 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 37 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 38 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 39 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 40 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 41 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 42 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 43 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 44 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 45 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 46 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 47 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 48 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 49 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 50 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 51 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 52 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 53 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 54 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0 |
|
|
| aliases |
CVE-2021-22924
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-td39-d3tf-vkhc |
|
| 56 |
| url |
VCID-tn33-re3r-yfhw |
| vulnerability_id |
VCID-tn33-re3r-yfhw |
| summary |
Out-of-bounds Write
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.59.0 |
| purl |
pkg:generic/curl.se/curl@7.59.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1kpz-55f1-f7dj |
|
| 4 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 5 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 6 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 7 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 8 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 9 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 10 |
| vulnerability |
VCID-4hha-2z31-2bf8 |
|
| 11 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 12 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 13 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 14 |
| vulnerability |
VCID-6745-tyba-33fa |
|
| 15 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 16 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 17 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 18 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 19 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 20 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 21 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 22 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 23 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 24 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 25 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 26 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 27 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 28 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 29 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 30 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 31 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 32 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 33 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 34 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 35 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 36 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 37 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 38 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 39 |
| vulnerability |
VCID-kae8-wmf2-2kf1 |
|
| 40 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 41 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 42 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 43 |
| vulnerability |
VCID-p7mn-a632-c3ag |
|
| 44 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 45 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 46 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 47 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 48 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 49 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 50 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 51 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 52 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 53 |
| vulnerability |
VCID-ubnn-z97k-47gw |
|
| 54 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 55 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 56 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 57 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 58 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 59 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 60 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 61 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 62 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 63 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 64 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
| 65 |
| vulnerability |
VCID-zg98-v6dj-s7gv |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0 |
|
|
| aliases |
CVE-2018-1000120, GHSA-674j-7m97-j2p9
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tn33-re3r-yfhw |
|
| 57 |
| url |
VCID-uj78-2cgz-zbdb |
| vulnerability_id |
VCID-uj78-2cgz-zbdb |
| summary |
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.66.0 |
| purl |
pkg:generic/curl.se/curl@7.66.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 9 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 12 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 13 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 14 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 15 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 16 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 17 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 18 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 19 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 20 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 21 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 22 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 23 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 24 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 25 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 26 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 27 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 28 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 29 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 30 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 31 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 32 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 33 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 34 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 35 |
| vulnerability |
VCID-kn6z-caj8-bbc9 |
|
| 36 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 37 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 38 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 39 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 40 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 41 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 42 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 43 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 44 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 45 |
| vulnerability |
VCID-urgp-rqyc-sqer |
|
| 46 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 47 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 48 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 49 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 50 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 51 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 52 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 53 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 54 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 55 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0 |
|
|
| aliases |
CVE-2019-5481
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uj78-2cgz-zbdb |
|
| 58 |
| url |
VCID-vpkr-9akj-hbf6 |
| vulnerability_id |
VCID-vpkr-9akj-hbf6 |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.1 |
| purl |
pkg:generic/curl.se/curl@7.83.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 9 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 12 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 13 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 14 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 15 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 16 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 17 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 18 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 19 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 20 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 21 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 22 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 23 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 24 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 25 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 26 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 27 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 28 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 29 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 30 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 31 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 32 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 33 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 34 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 35 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 36 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 37 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 38 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 39 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 40 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 41 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 42 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 43 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 44 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 45 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 46 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1 |
|
|
| aliases |
CVE-2022-27782
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vpkr-9akj-hbf6 |
|
| 59 |
| url |
VCID-w472-84ep-fkdx |
| vulnerability_id |
VCID-w472-84ep-fkdx |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.4.0 |
| purl |
pkg:generic/curl.se/curl@8.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 8 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 9 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 10 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 11 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 12 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 13 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 14 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 15 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 16 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 17 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 18 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 19 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 20 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 21 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 22 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 23 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 24 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 25 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0 |
|
|
| aliases |
CVE-2023-38546
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w472-84ep-fkdx |
|
| 60 |
|
| 61 |
| url |
VCID-wbwx-5vg3-uqcd |
| vulnerability_id |
VCID-wbwx-5vg3-uqcd |
| summary |
|
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.84.0 |
| purl |
pkg:generic/curl.se/curl@7.84.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 9 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 12 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 13 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 14 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 15 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 16 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 17 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 18 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 19 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 20 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 21 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 22 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 23 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 24 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 25 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 26 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 27 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 28 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 29 |
| vulnerability |
VCID-mpuf-pp6z-q3d6 |
|
| 30 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 31 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 32 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 33 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 34 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 35 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 36 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 37 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 38 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 39 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 40 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 41 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 42 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 43 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 44 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 45 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0 |
|
|
| aliases |
CVE-2022-32206
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wbwx-5vg3-uqcd |
|
| 62 |
| url |
VCID-wmam-qmmg-6uay |
| vulnerability_id |
VCID-wmam-qmmg-6uay |
| summary |
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.5.0 |
| purl |
pkg:generic/curl.se/curl@8.5.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 8 |
| vulnerability |
VCID-bp56-gy66-mqae |
|
| 9 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 10 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 11 |
| vulnerability |
VCID-ffmg-djmk-57hn |
|
| 12 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 13 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 14 |
| vulnerability |
VCID-h7v8-bg58-mkhu |
|
| 15 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 16 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 17 |
| vulnerability |
VCID-ke97-b9rb-5bfd |
|
| 18 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 19 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 20 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 21 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 22 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 23 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 24 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 25 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 26 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.5.0 |
|
|
| aliases |
CVE-2023-46218
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wmam-qmmg-6uay |
|
| 63 |
| url |
VCID-xgj8-zrta-kub9 |
| vulnerability_id |
VCID-xgj8-zrta-kub9 |
| summary |
|
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.84.0 |
| purl |
pkg:generic/curl.se/curl@7.84.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 9 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-85qb-zec7-subc |
|
| 12 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 13 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 14 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 15 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 16 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 17 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 18 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 19 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 20 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 21 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 22 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 23 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 24 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 25 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 26 |
| vulnerability |
VCID-k3nv-gf9b-5ua2 |
|
| 27 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 28 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 29 |
| vulnerability |
VCID-mpuf-pp6z-q3d6 |
|
| 30 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 31 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 32 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 33 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 34 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 35 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 36 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 37 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 38 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 39 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 40 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 41 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 42 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 43 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 44 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 45 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0 |
|
|
| aliases |
CVE-2022-32208
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xgj8-zrta-kub9 |
|
| 64 |
| url |
VCID-y41p-tgpa-m7cs |
| vulnerability_id |
VCID-y41p-tgpa-m7cs |
| summary |
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2024-8096.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-8096.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.10.0 |
| purl |
pkg:generic/curl.se/curl@8.10.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 1 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 2 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 3 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 4 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 5 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 6 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 7 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 8 |
| vulnerability |
VCID-bp56-gy66-mqae |
|
| 9 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 10 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 11 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 12 |
| vulnerability |
VCID-gux4-dncg-h7a6 |
|
| 13 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 14 |
| vulnerability |
VCID-ns6z-wp2x-fkdq |
|
| 15 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 16 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 17 |
| vulnerability |
VCID-t45k-skv6-cfg2 |
|
| 18 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 19 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 20 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 21 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 22 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.10.0 |
|
|
| aliases |
CVE-2024-8096
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y41p-tgpa-m7cs |
|
| 65 |
|
| 66 |
| url |
VCID-yjtj-ydsg-u7ca |
| vulnerability_id |
VCID-yjtj-ydsg-u7ca |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.1 |
| purl |
pkg:generic/curl.se/curl@7.83.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 1 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 2 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 3 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 4 |
| vulnerability |
VCID-287k-bzqy-n7ag |
|
| 5 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 6 |
| vulnerability |
VCID-3p2z-61gq-muhs |
|
| 7 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 8 |
| vulnerability |
VCID-6en5-etsd-2bce |
|
| 9 |
| vulnerability |
VCID-6ggz-pa5t-77c4 |
|
| 10 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 11 |
| vulnerability |
VCID-7z3h-9pk3-rqct |
|
| 12 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 13 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 14 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 15 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 16 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 17 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 18 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 19 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 20 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 21 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 22 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 23 |
| vulnerability |
VCID-h4nw-va5b-23ef |
|
| 24 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 25 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 26 |
| vulnerability |
VCID-k5vr-1fmp-sqbw |
|
| 27 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 28 |
| vulnerability |
VCID-ns58-vmsz-5ued |
|
| 29 |
| vulnerability |
VCID-nwvb-d466-4uaa |
|
| 30 |
| vulnerability |
VCID-p155-gbtu-abg1 |
|
| 31 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 32 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 33 |
| vulnerability |
VCID-razg-yr7y-ukgd |
|
| 34 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 35 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 36 |
| vulnerability |
VCID-tzs5-qzhn-rqbk |
|
| 37 |
| vulnerability |
VCID-u1p8-s8vm-3yer |
|
| 38 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 39 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 40 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 41 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 42 |
| vulnerability |
VCID-wgur-psum-pbck |
|
| 43 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 44 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 45 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 46 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1 |
|
|
| aliases |
CVE-2022-27781
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yjtj-ydsg-u7ca |
|
| 67 |
| url |
VCID-zg98-v6dj-s7gv |
| vulnerability_id |
VCID-zg98-v6dj-s7gv |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://usn.ubuntu.com/3805-1/ |
| reference_id |
3805-1 |
| reference_type |
|
| scores |
| 0 |
| value |
4.4 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/ |
|
|
| url |
https://usn.ubuntu.com/3805-1/ |
|
| 9 |
| reference_url |
https://usn.ubuntu.com/3805-2/ |
| reference_id |
3805-2 |
| reference_type |
|
| scores |
| 0 |
| value |
4.4 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/ |
|
|
| url |
https://usn.ubuntu.com/3805-2/ |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.62.0 |
| purl |
pkg:generic/curl.se/curl@7.62.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-18p4-rvxz-pkeu |
|
| 1 |
| vulnerability |
VCID-1a1k-d4ez-ybdu |
|
| 2 |
| vulnerability |
VCID-1dw3-33ju-jkbs |
|
| 3 |
| vulnerability |
VCID-1m1w-rayk-sffe |
|
| 4 |
| vulnerability |
VCID-1zsv-4jdy-63en |
|
| 5 |
| vulnerability |
VCID-21ff-tazv-9ud3 |
|
| 6 |
| vulnerability |
VCID-27bv-f11z-myak |
|
| 7 |
| vulnerability |
VCID-39qh-jayw-g3dh |
|
| 8 |
| vulnerability |
VCID-3ws4-1sak-r3ck |
|
| 9 |
| vulnerability |
VCID-4zcd-rbx3-qye5 |
|
| 10 |
| vulnerability |
VCID-58p5-pfy3-xug1 |
|
| 11 |
| vulnerability |
VCID-5un8-xymy-37bt |
|
| 12 |
| vulnerability |
VCID-738z-myg9-37hr |
|
| 13 |
| vulnerability |
VCID-7wqd-99h2-e7hk |
|
| 14 |
| vulnerability |
VCID-7yvu-s3p2-sfhc |
|
| 15 |
| vulnerability |
VCID-a58z-fu87-9ybs |
|
| 16 |
| vulnerability |
VCID-a8z6-bswu-jue8 |
|
| 17 |
| vulnerability |
VCID-am31-t2h3-zbgw |
|
| 18 |
| vulnerability |
VCID-azcz-b8f2-63be |
|
| 19 |
| vulnerability |
VCID-bb6v-z8yg-6fe3 |
|
| 20 |
| vulnerability |
VCID-bcuq-n4vb-k7f3 |
|
| 21 |
| vulnerability |
VCID-bx2m-n5ft-3be8 |
|
| 22 |
| vulnerability |
VCID-byzw-xw9s-pkga |
|
| 23 |
| vulnerability |
VCID-cdzf-3ydt-8bdk |
|
| 24 |
| vulnerability |
VCID-cfry-nx5h-kudv |
|
| 25 |
| vulnerability |
VCID-f7n8-zzhz-fuc8 |
|
| 26 |
| vulnerability |
VCID-f9nm-d5ax-qkcb |
|
| 27 |
| vulnerability |
VCID-fcb7-8163-muf4 |
|
| 28 |
| vulnerability |
VCID-fhc8-r8gv-bugj |
|
| 29 |
| vulnerability |
VCID-fp66-fzqt-6yg7 |
|
| 30 |
| vulnerability |
VCID-g4n9-kg3s-pfcr |
|
| 31 |
| vulnerability |
VCID-g7ux-4vz2-ckfg |
|
| 32 |
| vulnerability |
VCID-gud1-yg9u-zyfp |
|
| 33 |
| vulnerability |
VCID-gueb-wzpx-ufb2 |
|
| 34 |
| vulnerability |
VCID-h6xj-mys4-pucf |
|
| 35 |
| vulnerability |
VCID-hhms-2hg6-nke9 |
|
| 36 |
| vulnerability |
VCID-j688-cyfg-p7gu |
|
| 37 |
| vulnerability |
VCID-jnq1-hk6d-b3a3 |
|
| 38 |
| vulnerability |
VCID-kkrm-dj79-4ucj |
|
| 39 |
| vulnerability |
VCID-kq38-7s5x-nqaz |
|
| 40 |
| vulnerability |
VCID-msd2-35g9-nyd2 |
|
| 41 |
| vulnerability |
VCID-p97a-kjpp-f3d8 |
|
| 42 |
| vulnerability |
VCID-q46r-7nct-s3bw |
|
| 43 |
| vulnerability |
VCID-q8tg-prj1-y7b8 |
|
| 44 |
| vulnerability |
VCID-qrnc-7ywu-37cz |
|
| 45 |
| vulnerability |
VCID-r2g9-c896-rkge |
|
| 46 |
| vulnerability |
VCID-secz-78pt-dben |
|
| 47 |
| vulnerability |
VCID-sutv-qt2x-2yc7 |
|
| 48 |
| vulnerability |
VCID-tcxd-z7f3-kkes |
|
| 49 |
| vulnerability |
VCID-td39-d3tf-vkhc |
|
| 50 |
| vulnerability |
VCID-uj78-2cgz-zbdb |
|
| 51 |
| vulnerability |
VCID-v82t-s9e1-2fbw |
|
| 52 |
| vulnerability |
VCID-vpkr-9akj-hbf6 |
|
| 53 |
| vulnerability |
VCID-w472-84ep-fkdx |
|
| 54 |
| vulnerability |
VCID-w8ff-vxga-8qcz |
|
| 55 |
| vulnerability |
VCID-wbwx-5vg3-uqcd |
|
| 56 |
| vulnerability |
VCID-wmam-qmmg-6uay |
|
| 57 |
| vulnerability |
VCID-xc5k-47n9-43d6 |
|
| 58 |
| vulnerability |
VCID-xgj8-zrta-kub9 |
|
| 59 |
| vulnerability |
VCID-y41p-tgpa-m7cs |
|
| 60 |
| vulnerability |
VCID-y44u-23he-aya8 |
|
| 61 |
| vulnerability |
VCID-yjtj-ydsg-u7ca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.62.0 |
|
|
| aliases |
CVE-2018-16842
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zg98-v6dj-s7gv |
|