Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:generic/curl.se/curl@7.1.1
Typegeneric
Namespacecurl.se
Namecurl
Version7.1.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.20.0
Latest_non_vulnerable_version8.20.0
Affected_by_vulnerabilities
0
url VCID-1a1k-d4ez-ybdu
vulnerability_id VCID-1a1k-d4ez-ybdu
summary When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35252
reference_id
reference_type
scores
0
value 0.00289
scoring_system epss
scoring_elements 0.52551
published_at 2026-06-04T12:55:00Z
1
value 0.00289
scoring_system epss
scoring_elements 0.52611
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35252
2
reference_url https://curl.se/docs/CVE-2022-35252.html
reference_id
reference_type
scores
0
value Low
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2022-35252.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/1613943
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://hackerone.com/reports/1613943
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831
reference_id 1018831
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831
7
reference_url http://seclists.org/fulldisclosure/2023/Jan/20
reference_id 20
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url http://seclists.org/fulldisclosure/2023/Jan/20
8
reference_url http://seclists.org/fulldisclosure/2023/Jan/21
reference_id 21
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url http://seclists.org/fulldisclosure/2023/Jan/21
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2120718
reference_id 2120718
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2120718
10
reference_url https://security.gentoo.org/glsa/202212-01
reference_id GLSA-202212-01
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://security.gentoo.org/glsa/202212-01
11
reference_url https://support.apple.com/kb/HT213603
reference_id HT213603
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://support.apple.com/kb/HT213603
12
reference_url https://support.apple.com/kb/HT213604
reference_id HT213604
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://support.apple.com/kb/HT213604
13
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
reference_id msg00028.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
14
reference_url https://security.netapp.com/advisory/ntap-20220930-0005/
reference_id ntap-20220930-0005
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://security.netapp.com/advisory/ntap-20220930-0005/
15
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
16
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
17
reference_url https://access.redhat.com/errata/RHSA-2023:2478
reference_id RHSA-2023:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2478
18
reference_url https://access.redhat.com/errata/RHSA-2023:2963
reference_id RHSA-2023:2963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2963
19
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
20
reference_url https://usn.ubuntu.com/5587-1/
reference_id USN-5587-1
reference_type
scores
url https://usn.ubuntu.com/5587-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.85.0
purl pkg:generic/curl.se/curl@7.85.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1dw3-33ju-jkbs
1
vulnerability VCID-1zsv-4jdy-63en
2
vulnerability VCID-21ff-tazv-9ud3
3
vulnerability VCID-287k-bzqy-n7ag
4
vulnerability VCID-39qh-jayw-g3dh
5
vulnerability VCID-3p2z-61gq-muhs
6
vulnerability VCID-5un8-xymy-37bt
7
vulnerability VCID-6en5-etsd-2bce
8
vulnerability VCID-6ggz-pa5t-77c4
9
vulnerability VCID-7wqd-99h2-e7hk
10
vulnerability VCID-85qb-zec7-subc
11
vulnerability VCID-a8z6-bswu-jue8
12
vulnerability VCID-azcz-b8f2-63be
13
vulnerability VCID-bcuq-n4vb-k7f3
14
vulnerability VCID-bx2m-n5ft-3be8
15
vulnerability VCID-cdzf-3ydt-8bdk
16
vulnerability VCID-cfry-nx5h-kudv
17
vulnerability VCID-f9nm-d5ax-qkcb
18
vulnerability VCID-fcb7-8163-muf4
19
vulnerability VCID-ffmg-djmk-57hn
20
vulnerability VCID-g4n9-kg3s-pfcr
21
vulnerability VCID-g7ux-4vz2-ckfg
22
vulnerability VCID-gueb-wzpx-ufb2
23
vulnerability VCID-h4nw-va5b-23ef
24
vulnerability VCID-hhms-2hg6-nke9
25
vulnerability VCID-jnq1-hk6d-b3a3
26
vulnerability VCID-k3nv-gf9b-5ua2
27
vulnerability VCID-k5vr-1fmp-sqbw
28
vulnerability VCID-kq38-7s5x-nqaz
29
vulnerability VCID-mpuf-pp6z-q3d6
30
vulnerability VCID-ns58-vmsz-5ued
31
vulnerability VCID-nwvb-d466-4uaa
32
vulnerability VCID-p155-gbtu-abg1
33
vulnerability VCID-p97a-kjpp-f3d8
34
vulnerability VCID-r2g9-c896-rkge
35
vulnerability VCID-razg-yr7y-ukgd
36
vulnerability VCID-secz-78pt-dben
37
vulnerability VCID-sutv-qt2x-2yc7
38
vulnerability VCID-u1p8-s8vm-3yer
39
vulnerability VCID-v82t-s9e1-2fbw
40
vulnerability VCID-w472-84ep-fkdx
41
vulnerability VCID-w8ff-vxga-8qcz
42
vulnerability VCID-wgur-psum-pbck
43
vulnerability VCID-wmam-qmmg-6uay
44
vulnerability VCID-y41p-tgpa-m7cs
45
vulnerability VCID-y44u-23he-aya8
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0
aliases CVE-2022-35252
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1a1k-d4ez-ybdu
1
url VCID-1b5g-9trz-7ufb
vulnerability_id VCID-1b5g-9trz-7ufb
summary curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9586
reference_id
reference_type
scores
0
value 0.01009
scoring_system epss
scoring_elements 0.7743
published_at 2026-06-04T12:55:00Z
1
value 0.01009
scoring_system epss
scoring_elements 0.77458
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9586
2
reference_url https://curl.se/docs/CVE-2016-9586.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2016-9586.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.2
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:N/C:N/I:N/A:P
1
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url http://www.securitytracker.com/id/1037515
reference_id 1037515
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url http://www.securitytracker.com/id/1037515
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406712
reference_id 1406712
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406712
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958
reference_id 848958
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958
8
reference_url http://www.securityfocus.com/bid/95019
reference_id 95019
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url http://www.securityfocus.com/bid/95019
9
reference_url https://curl.haxx.se/docs/adv_20161221A.html
reference_id adv_20161221A.html
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url https://curl.haxx.se/docs/adv_20161221A.html
10
reference_url https://security.archlinux.org/ASA-201612-22
reference_id ASA-201612-22
reference_type
scores
url https://security.archlinux.org/ASA-201612-22
11
reference_url https://security.archlinux.org/ASA-201701-10
reference_id ASA-201701-10
reference_type
scores
url https://security.archlinux.org/ASA-201701-10
12
reference_url https://security.archlinux.org/ASA-201701-11
reference_id ASA-201701-11
reference_type
scores
url https://security.archlinux.org/ASA-201701-11
13
reference_url https://security.archlinux.org/ASA-201701-7
reference_id ASA-201701-7
reference_type
scores
url https://security.archlinux.org/ASA-201701-7
14
reference_url https://security.archlinux.org/ASA-201701-8
reference_id ASA-201701-8
reference_type
scores
url https://security.archlinux.org/ASA-201701-8
15
reference_url https://security.archlinux.org/ASA-201701-9
reference_id ASA-201701-9
reference_type
scores
url https://security.archlinux.org/ASA-201701-9
16
reference_url https://security.archlinux.org/AVG-112
reference_id AVG-112
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-112
17
reference_url https://security.archlinux.org/AVG-113
reference_id AVG-113
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-113
18
reference_url https://security.archlinux.org/AVG-114
reference_id AVG-114
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-114
19
reference_url https://security.archlinux.org/AVG-115
reference_id AVG-115
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-115
20
reference_url https://security.archlinux.org/AVG-116
reference_id AVG-116
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-116
21
reference_url https://security.archlinux.org/AVG-117
reference_id AVG-117
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-117
22
reference_url https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16
reference_id curl-7_51_0-162-g3ab3c16
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16
23
reference_url https://security.gentoo.org/glsa/201701-47
reference_id GLSA-201701-47
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url https://security.gentoo.org/glsa/201701-47
24
reference_url https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html
25
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586
reference_id show_bug.cgi?id=CVE-2016-9586
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586
28
reference_url https://usn.ubuntu.com/3441-1/
reference_id USN-3441-1
reference_type
scores
url https://usn.ubuntu.com/3441-1/
29
reference_url https://usn.ubuntu.com/3441-2/
reference_id USN-3441-2
reference_type
scores
url https://usn.ubuntu.com/3441-2/
fixed_packages
0
url pkg:generic/curl.se/curl@7.52.0
purl pkg:generic/curl.se/curl@7.52.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1dw3-33ju-jkbs
3
vulnerability VCID-1kpz-55f1-f7dj
4
vulnerability VCID-1m1w-rayk-sffe
5
vulnerability VCID-1zsv-4jdy-63en
6
vulnerability VCID-21ff-tazv-9ud3
7
vulnerability VCID-27bv-f11z-myak
8
vulnerability VCID-39qh-jayw-g3dh
9
vulnerability VCID-3ws4-1sak-r3ck
10
vulnerability VCID-4hha-2z31-2bf8
11
vulnerability VCID-4zcd-rbx3-qye5
12
vulnerability VCID-53st-1j3z-h7by
13
vulnerability VCID-58p5-pfy3-xug1
14
vulnerability VCID-5svr-3vv9-mqea
15
vulnerability VCID-5ujs-47hf-g7gj
16
vulnerability VCID-5un8-xymy-37bt
17
vulnerability VCID-6745-tyba-33fa
18
vulnerability VCID-738z-myg9-37hr
19
vulnerability VCID-7jrx-ykk8-h3gp
20
vulnerability VCID-7wqd-99h2-e7hk
21
vulnerability VCID-7yvu-s3p2-sfhc
22
vulnerability VCID-a58z-fu87-9ybs
23
vulnerability VCID-a8z6-bswu-jue8
24
vulnerability VCID-am31-t2h3-zbgw
25
vulnerability VCID-azcz-b8f2-63be
26
vulnerability VCID-bb6v-z8yg-6fe3
27
vulnerability VCID-bcuq-n4vb-k7f3
28
vulnerability VCID-bx2m-n5ft-3be8
29
vulnerability VCID-cdzf-3ydt-8bdk
30
vulnerability VCID-f7n8-zzhz-fuc8
31
vulnerability VCID-f8vu-23bb-5ue7
32
vulnerability VCID-f9nm-d5ax-qkcb
33
vulnerability VCID-fhc8-r8gv-bugj
34
vulnerability VCID-g4n9-kg3s-pfcr
35
vulnerability VCID-g7ux-4vz2-ckfg
36
vulnerability VCID-gud1-yg9u-zyfp
37
vulnerability VCID-gueb-wzpx-ufb2
38
vulnerability VCID-h6xj-mys4-pucf
39
vulnerability VCID-hhms-2hg6-nke9
40
vulnerability VCID-j688-cyfg-p7gu
41
vulnerability VCID-jnq1-hk6d-b3a3
42
vulnerability VCID-k79t-tesa-jfck
43
vulnerability VCID-kkrm-dj79-4ucj
44
vulnerability VCID-kq38-7s5x-nqaz
45
vulnerability VCID-mh96-gkf1-9uek
46
vulnerability VCID-msd2-35g9-nyd2
47
vulnerability VCID-naac-snjw-qbad
48
vulnerability VCID-p8vk-yf66-wbb7
49
vulnerability VCID-p97a-kjpp-f3d8
50
vulnerability VCID-q46r-7nct-s3bw
51
vulnerability VCID-q8tg-prj1-y7b8
52
vulnerability VCID-qrnc-7ywu-37cz
53
vulnerability VCID-r2g9-c896-rkge
54
vulnerability VCID-raxd-4nxj-gkhp
55
vulnerability VCID-rt5e-saz2-j7c9
56
vulnerability VCID-secz-78pt-dben
57
vulnerability VCID-sutv-qt2x-2yc7
58
vulnerability VCID-swmn-7ns9-ekg1
59
vulnerability VCID-tcxd-z7f3-kkes
60
vulnerability VCID-td39-d3tf-vkhc
61
vulnerability VCID-tn33-re3r-yfhw
62
vulnerability VCID-uj78-2cgz-zbdb
63
vulnerability VCID-vpkr-9akj-hbf6
64
vulnerability VCID-w472-84ep-fkdx
65
vulnerability VCID-w63e-dku9-mqe9
66
vulnerability VCID-w8ff-vxga-8qcz
67
vulnerability VCID-wmam-qmmg-6uay
68
vulnerability VCID-xgj8-zrta-kub9
69
vulnerability VCID-y41p-tgpa-m7cs
70
vulnerability VCID-y44u-23he-aya8
71
vulnerability VCID-yjtj-ydsg-u7ca
72
vulnerability VCID-zg98-v6dj-s7gv
73
vulnerability VCID-zqyj-7rr3-fqew
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0
aliases CVE-2016-9586
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1b5g-9trz-7ufb
2
url VCID-5xjw-u8ad-n3g5
vulnerability_id VCID-5xjw-u8ad-n3g5
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8615
reference_id
reference_type
scores
0
value 0.04293
scoring_system epss
scoring_elements 0.89065
published_at 2026-06-05T12:55:00Z
1
value 0.04293
scoring_system epss
scoring_elements 0.89048
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8615
2
reference_url https://curl.se/docs/CVE-2016-8615.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2016-8615.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url http://www.securitytracker.com/id/1037192
reference_id 1037192
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url http://www.securitytracker.com/id/1037192
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1388370
reference_id 1388370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1388370
16
reference_url http://www.securityfocus.com/bid/94096
reference_id 94096
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url http://www.securityfocus.com/bid/94096
17
reference_url https://curl.haxx.se/docs/adv_20161102A.html
reference_id adv_20161102A.html
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url https://curl.haxx.se/docs/adv_20161102A.html
18
reference_url https://security.archlinux.org/ASA-201611-10
reference_id ASA-201611-10
reference_type
scores
url https://security.archlinux.org/ASA-201611-10
19
reference_url https://security.archlinux.org/ASA-201611-4
reference_id ASA-201611-4
reference_type
scores
url https://security.archlinux.org/ASA-201611-4
20
reference_url https://security.archlinux.org/ASA-201611-5
reference_id ASA-201611-5
reference_type
scores
url https://security.archlinux.org/ASA-201611-5
21
reference_url https://security.archlinux.org/ASA-201611-7
reference_id ASA-201611-7
reference_type
scores
url https://security.archlinux.org/ASA-201611-7
22
reference_url https://security.archlinux.org/ASA-201611-8
reference_id ASA-201611-8
reference_type
scores
url https://security.archlinux.org/ASA-201611-8
23
reference_url https://security.archlinux.org/ASA-201611-9
reference_id ASA-201611-9
reference_type
scores
url https://security.archlinux.org/ASA-201611-9
24
reference_url https://security.archlinux.org/AVG-60
reference_id AVG-60
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-60
25
reference_url https://security.archlinux.org/AVG-61
reference_id AVG-61
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-61
26
reference_url https://security.archlinux.org/AVG-62
reference_id AVG-62
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-62
27
reference_url https://security.archlinux.org/AVG-63
reference_id AVG-63
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-63
28
reference_url https://security.archlinux.org/AVG-65
reference_id AVG-65
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-65
29
reference_url https://security.archlinux.org/AVG-66
reference_id AVG-66
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-66
30
reference_url https://curl.haxx.se/CVE-2016-8615.patch
reference_id CVE-2016-8615.patch
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url https://curl.haxx.se/CVE-2016-8615.patch
31
reference_url https://security.gentoo.org/glsa/201701-47
reference_id GLSA-201701-47
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url https://security.gentoo.org/glsa/201701-47
32
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615
reference_id show_bug.cgi?id=CVE-2016-8615
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615
35
reference_url https://www.tenable.com/security/tns-2016-21
reference_id tns-2016-21
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/
url https://www.tenable.com/security/tns-2016-21
36
reference_url https://usn.ubuntu.com/3123-1/
reference_id USN-3123-1
reference_type
scores
url https://usn.ubuntu.com/3123-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.51.0
purl pkg:generic/curl.se/curl@7.51.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1zsv-4jdy-63en
7
vulnerability VCID-21ff-tazv-9ud3
8
vulnerability VCID-27bv-f11z-myak
9
vulnerability VCID-39qh-jayw-g3dh
10
vulnerability VCID-3ws4-1sak-r3ck
11
vulnerability VCID-4hha-2z31-2bf8
12
vulnerability VCID-4zcd-rbx3-qye5
13
vulnerability VCID-58p5-pfy3-xug1
14
vulnerability VCID-5svr-3vv9-mqea
15
vulnerability VCID-5ujs-47hf-g7gj
16
vulnerability VCID-5un8-xymy-37bt
17
vulnerability VCID-6745-tyba-33fa
18
vulnerability VCID-738z-myg9-37hr
19
vulnerability VCID-7jrx-ykk8-h3gp
20
vulnerability VCID-7wqd-99h2-e7hk
21
vulnerability VCID-7yvu-s3p2-sfhc
22
vulnerability VCID-a58z-fu87-9ybs
23
vulnerability VCID-a8z6-bswu-jue8
24
vulnerability VCID-am31-t2h3-zbgw
25
vulnerability VCID-azcz-b8f2-63be
26
vulnerability VCID-bb6v-z8yg-6fe3
27
vulnerability VCID-bcuq-n4vb-k7f3
28
vulnerability VCID-bx2m-n5ft-3be8
29
vulnerability VCID-cdzf-3ydt-8bdk
30
vulnerability VCID-f7n8-zzhz-fuc8
31
vulnerability VCID-f8vu-23bb-5ue7
32
vulnerability VCID-f9nm-d5ax-qkcb
33
vulnerability VCID-fhc8-r8gv-bugj
34
vulnerability VCID-g4n9-kg3s-pfcr
35
vulnerability VCID-g7ux-4vz2-ckfg
36
vulnerability VCID-gud1-yg9u-zyfp
37
vulnerability VCID-gueb-wzpx-ufb2
38
vulnerability VCID-h6xj-mys4-pucf
39
vulnerability VCID-hhms-2hg6-nke9
40
vulnerability VCID-j688-cyfg-p7gu
41
vulnerability VCID-jf17-h97b-6bak
42
vulnerability VCID-jnq1-hk6d-b3a3
43
vulnerability VCID-kkrm-dj79-4ucj
44
vulnerability VCID-kq38-7s5x-nqaz
45
vulnerability VCID-mh96-gkf1-9uek
46
vulnerability VCID-msd2-35g9-nyd2
47
vulnerability VCID-naac-snjw-qbad
48
vulnerability VCID-p8vk-yf66-wbb7
49
vulnerability VCID-p97a-kjpp-f3d8
50
vulnerability VCID-q46r-7nct-s3bw
51
vulnerability VCID-q8tg-prj1-y7b8
52
vulnerability VCID-qrnc-7ywu-37cz
53
vulnerability VCID-r2g9-c896-rkge
54
vulnerability VCID-raxd-4nxj-gkhp
55
vulnerability VCID-rt5e-saz2-j7c9
56
vulnerability VCID-secz-78pt-dben
57
vulnerability VCID-sutv-qt2x-2yc7
58
vulnerability VCID-swmn-7ns9-ekg1
59
vulnerability VCID-tcxd-z7f3-kkes
60
vulnerability VCID-td39-d3tf-vkhc
61
vulnerability VCID-tn33-re3r-yfhw
62
vulnerability VCID-vpkr-9akj-hbf6
63
vulnerability VCID-w472-84ep-fkdx
64
vulnerability VCID-w8ff-vxga-8qcz
65
vulnerability VCID-wmam-qmmg-6uay
66
vulnerability VCID-xgj8-zrta-kub9
67
vulnerability VCID-y41p-tgpa-m7cs
68
vulnerability VCID-y44u-23he-aya8
69
vulnerability VCID-yjtj-ydsg-u7ca
70
vulnerability VCID-z8ex-47nd-47cm
71
vulnerability VCID-zg98-v6dj-s7gv
72
vulnerability VCID-zqyj-7rr3-fqew
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0
aliases CVE-2016-8615
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xjw-u8ad-n3g5
3
url VCID-6fv7-7u2t-gfgb
vulnerability_id VCID-6fv7-7u2t-gfgb
summary cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0754
reference_id
reference_type
scores
0
value 0.00351
scoring_system epss
scoring_elements 0.57772
published_at 2026-06-04T12:55:00Z
1
value 0.00351
scoring_system epss
scoring_elements 0.57825
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0754
1
reference_url https://curl.se/docs/CVE-2016-0754.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2016-0754.html
fixed_packages
0
url pkg:generic/curl.se/curl@7.47.0
purl pkg:generic/curl.se/curl@7.47.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1y6d-7vfu-ybb3
7
vulnerability VCID-1zsv-4jdy-63en
8
vulnerability VCID-21ff-tazv-9ud3
9
vulnerability VCID-27bv-f11z-myak
10
vulnerability VCID-39qh-jayw-g3dh
11
vulnerability VCID-3s4s-6c3v-7kgn
12
vulnerability VCID-3ws4-1sak-r3ck
13
vulnerability VCID-4hha-2z31-2bf8
14
vulnerability VCID-4zcd-rbx3-qye5
15
vulnerability VCID-51ac-1jc2-vfed
16
vulnerability VCID-58p5-pfy3-xug1
17
vulnerability VCID-5svr-3vv9-mqea
18
vulnerability VCID-5ujs-47hf-g7gj
19
vulnerability VCID-5un8-xymy-37bt
20
vulnerability VCID-5xjw-u8ad-n3g5
21
vulnerability VCID-6745-tyba-33fa
22
vulnerability VCID-6rk4-vb5u-bkg6
23
vulnerability VCID-738z-myg9-37hr
24
vulnerability VCID-7jrx-ykk8-h3gp
25
vulnerability VCID-7wqd-99h2-e7hk
26
vulnerability VCID-7yvu-s3p2-sfhc
27
vulnerability VCID-a58z-fu87-9ybs
28
vulnerability VCID-a8z6-bswu-jue8
29
vulnerability VCID-am31-t2h3-zbgw
30
vulnerability VCID-av4f-gxku-qbhp
31
vulnerability VCID-azcz-b8f2-63be
32
vulnerability VCID-bb6v-z8yg-6fe3
33
vulnerability VCID-bcuq-n4vb-k7f3
34
vulnerability VCID-bx2m-n5ft-3be8
35
vulnerability VCID-cdzf-3ydt-8bdk
36
vulnerability VCID-dndt-tapy-23d2
37
vulnerability VCID-f7n8-zzhz-fuc8
38
vulnerability VCID-f8vu-23bb-5ue7
39
vulnerability VCID-f9nm-d5ax-qkcb
40
vulnerability VCID-fhc8-r8gv-bugj
41
vulnerability VCID-g4n9-kg3s-pfcr
42
vulnerability VCID-g7ux-4vz2-ckfg
43
vulnerability VCID-gud1-yg9u-zyfp
44
vulnerability VCID-gueb-wzpx-ufb2
45
vulnerability VCID-h6xj-mys4-pucf
46
vulnerability VCID-hhms-2hg6-nke9
47
vulnerability VCID-j688-cyfg-p7gu
48
vulnerability VCID-jf17-h97b-6bak
49
vulnerability VCID-jnq1-hk6d-b3a3
50
vulnerability VCID-kkrm-dj79-4ucj
51
vulnerability VCID-kq38-7s5x-nqaz
52
vulnerability VCID-mh96-gkf1-9uek
53
vulnerability VCID-mq44-5pmp-2qhh
54
vulnerability VCID-msd2-35g9-nyd2
55
vulnerability VCID-naac-snjw-qbad
56
vulnerability VCID-p8vk-yf66-wbb7
57
vulnerability VCID-p97a-kjpp-f3d8
58
vulnerability VCID-q46r-7nct-s3bw
59
vulnerability VCID-q8ja-keyk-fyfb
60
vulnerability VCID-q8tg-prj1-y7b8
61
vulnerability VCID-qe9z-wuze-tucq
62
vulnerability VCID-qrnc-7ywu-37cz
63
vulnerability VCID-r2g9-c896-rkge
64
vulnerability VCID-rfdp-gsgs-eubq
65
vulnerability VCID-rt5e-saz2-j7c9
66
vulnerability VCID-s2gu-8jpq-mub9
67
vulnerability VCID-secz-78pt-dben
68
vulnerability VCID-sesh-938m-x3f8
69
vulnerability VCID-snsg-c2up-b7cn
70
vulnerability VCID-sutv-qt2x-2yc7
71
vulnerability VCID-swmn-7ns9-ekg1
72
vulnerability VCID-tcxd-z7f3-kkes
73
vulnerability VCID-td39-d3tf-vkhc
74
vulnerability VCID-tn33-re3r-yfhw
75
vulnerability VCID-ugrr-z2zv-6qgp
76
vulnerability VCID-vfc1-yy11-bycp
77
vulnerability VCID-vpkr-9akj-hbf6
78
vulnerability VCID-w472-84ep-fkdx
79
vulnerability VCID-w8ff-vxga-8qcz
80
vulnerability VCID-wmam-qmmg-6uay
81
vulnerability VCID-xgj8-zrta-kub9
82
vulnerability VCID-xyze-msxs-1qem
83
vulnerability VCID-y41p-tgpa-m7cs
84
vulnerability VCID-y44u-23he-aya8
85
vulnerability VCID-yjtj-ydsg-u7ca
86
vulnerability VCID-z8ex-47nd-47cm
87
vulnerability VCID-zg98-v6dj-s7gv
88
vulnerability VCID-zqyj-7rr3-fqew
89
vulnerability VCID-zv25-wupq-bqfk
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.47.0
aliases CVE-2016-0754
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fv7-7u2t-gfgb
4
url VCID-738z-myg9-37hr
vulnerability_id VCID-738z-myg9-37hr
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27774
reference_id
reference_type
scores
0
value 0.00314
scoring_system epss
scoring_elements 0.54842
published_at 2026-06-04T12:55:00Z
1
value 0.00314
scoring_system epss
scoring_elements 0.54901
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27774
2
reference_url https://curl.se/docs/CVE-2022-27774.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2022-27774.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url https://hackerone.com/reports/1543773
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/
url https://hackerone.com/reports/1543773
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254
reference_id 1010254
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2077547
reference_id 2077547
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2077547
22
reference_url https://security.archlinux.org/AVG-2685
reference_id AVG-2685
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2685
23
reference_url https://www.debian.org/security/2022/dsa-5197
reference_id dsa-5197
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/
url https://www.debian.org/security/2022/dsa-5197
24
reference_url https://security.gentoo.org/glsa/202212-01
reference_id GLSA-202212-01
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/
url https://security.gentoo.org/glsa/202212-01
25
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
reference_id msg00028.html
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
26
reference_url https://security.netapp.com/advisory/ntap-20220609-0008/
reference_id ntap-20220609-0008
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/
url https://security.netapp.com/advisory/ntap-20220609-0008/
27
reference_url https://access.redhat.com/errata/RHSA-2022:5245
reference_id RHSA-2022:5245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5245
28
reference_url https://access.redhat.com/errata/RHSA-2022:5313
reference_id RHSA-2022:5313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5313
29
reference_url https://usn.ubuntu.com/5397-1/
reference_id USN-5397-1
reference_type
scores
url https://usn.ubuntu.com/5397-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.83.0
purl pkg:generic/curl.se/curl@7.83.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1k-d4ez-ybdu
1
vulnerability VCID-1dw3-33ju-jkbs
2
vulnerability VCID-1zsv-4jdy-63en
3
vulnerability VCID-21ff-tazv-9ud3
4
vulnerability VCID-287k-bzqy-n7ag
5
vulnerability VCID-39qh-jayw-g3dh
6
vulnerability VCID-3p2z-61gq-muhs
7
vulnerability VCID-5m9y-9y57-kqg6
8
vulnerability VCID-5un8-xymy-37bt
9
vulnerability VCID-6en5-etsd-2bce
10
vulnerability VCID-6ggz-pa5t-77c4
11
vulnerability VCID-7wqd-99h2-e7hk
12
vulnerability VCID-7z3h-9pk3-rqct
13
vulnerability VCID-a8z6-bswu-jue8
14
vulnerability VCID-azcz-b8f2-63be
15
vulnerability VCID-bcuq-n4vb-k7f3
16
vulnerability VCID-bx2m-n5ft-3be8
17
vulnerability VCID-cdzf-3ydt-8bdk
18
vulnerability VCID-cfry-nx5h-kudv
19
vulnerability VCID-f9nm-d5ax-qkcb
20
vulnerability VCID-fcb7-8163-muf4
21
vulnerability VCID-g4n9-kg3s-pfcr
22
vulnerability VCID-g7ux-4vz2-ckfg
23
vulnerability VCID-gueb-wzpx-ufb2
24
vulnerability VCID-h4nw-va5b-23ef
25
vulnerability VCID-hb4z-s871-d7ck
26
vulnerability VCID-hhms-2hg6-nke9
27
vulnerability VCID-jnq1-hk6d-b3a3
28
vulnerability VCID-k5vr-1fmp-sqbw
29
vulnerability VCID-kq38-7s5x-nqaz
30
vulnerability VCID-mqzd-mcw5-s3h6
31
vulnerability VCID-mray-vkqx-5ka7
32
vulnerability VCID-ns58-vmsz-5ued
33
vulnerability VCID-nwvb-d466-4uaa
34
vulnerability VCID-p155-gbtu-abg1
35
vulnerability VCID-p97a-kjpp-f3d8
36
vulnerability VCID-r2g9-c896-rkge
37
vulnerability VCID-razg-yr7y-ukgd
38
vulnerability VCID-secz-78pt-dben
39
vulnerability VCID-sutv-qt2x-2yc7
40
vulnerability VCID-tzs5-qzhn-rqbk
41
vulnerability VCID-u1p8-s8vm-3yer
42
vulnerability VCID-v82t-s9e1-2fbw
43
vulnerability VCID-vpkr-9akj-hbf6
44
vulnerability VCID-w472-84ep-fkdx
45
vulnerability VCID-w8ff-vxga-8qcz
46
vulnerability VCID-wbwx-5vg3-uqcd
47
vulnerability VCID-wgur-psum-pbck
48
vulnerability VCID-wmam-qmmg-6uay
49
vulnerability VCID-xgj8-zrta-kub9
50
vulnerability VCID-y41p-tgpa-m7cs
51
vulnerability VCID-y44u-23he-aya8
52
vulnerability VCID-yjtj-ydsg-u7ca
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0
aliases CVE-2022-27774
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-738z-myg9-37hr
5
url VCID-av4f-gxku-qbhp
vulnerability_id VCID-av4f-gxku-qbhp
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8624
reference_id
reference_type
scores
0
value 0.01363
scoring_system epss
scoring_elements 0.8054
published_at 2026-06-05T12:55:00Z
1
value 0.01363
scoring_system epss
scoring_elements 0.80514
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8624
2
reference_url https://curl.se/docs/CVE-2016-8624.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2016-8624.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url http://www.securitytracker.com/id/1037192
reference_id 1037192
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url http://www.securitytracker.com/id/1037192
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1388390
reference_id 1388390
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1388390
16
reference_url http://www.securityfocus.com/bid/94103
reference_id 94103
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url http://www.securityfocus.com/bid/94103
17
reference_url https://curl.haxx.se/docs/adv_20161102J.html
reference_id adv_20161102J.html
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url https://curl.haxx.se/docs/adv_20161102J.html
18
reference_url https://security.archlinux.org/ASA-201611-10
reference_id ASA-201611-10
reference_type
scores
url https://security.archlinux.org/ASA-201611-10
19
reference_url https://security.archlinux.org/ASA-201611-4
reference_id ASA-201611-4
reference_type
scores
url https://security.archlinux.org/ASA-201611-4
20
reference_url https://security.archlinux.org/ASA-201611-5
reference_id ASA-201611-5
reference_type
scores
url https://security.archlinux.org/ASA-201611-5
21
reference_url https://security.archlinux.org/ASA-201611-7
reference_id ASA-201611-7
reference_type
scores
url https://security.archlinux.org/ASA-201611-7
22
reference_url https://security.archlinux.org/ASA-201611-8
reference_id ASA-201611-8
reference_type
scores
url https://security.archlinux.org/ASA-201611-8
23
reference_url https://security.archlinux.org/ASA-201611-9
reference_id ASA-201611-9
reference_type
scores
url https://security.archlinux.org/ASA-201611-9
24
reference_url https://security.archlinux.org/AVG-60
reference_id AVG-60
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-60
25
reference_url https://security.archlinux.org/AVG-61
reference_id AVG-61
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-61
26
reference_url https://security.archlinux.org/AVG-62
reference_id AVG-62
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-62
27
reference_url https://security.archlinux.org/AVG-63
reference_id AVG-63
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-63
28
reference_url https://security.archlinux.org/AVG-65
reference_id AVG-65
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-65
29
reference_url https://security.archlinux.org/AVG-66
reference_id AVG-66
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-66
30
reference_url https://security.gentoo.org/glsa/201701-47
reference_id GLSA-201701-47
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url https://security.gentoo.org/glsa/201701-47
31
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E
reference_id rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624
reference_id show_bug.cgi?id=CVE-2016-8624
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624
35
reference_url https://www.tenable.com/security/tns-2016-21
reference_id tns-2016-21
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/
url https://www.tenable.com/security/tns-2016-21
36
reference_url https://usn.ubuntu.com/3123-1/
reference_id USN-3123-1
reference_type
scores
url https://usn.ubuntu.com/3123-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.51.0
purl pkg:generic/curl.se/curl@7.51.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1zsv-4jdy-63en
7
vulnerability VCID-21ff-tazv-9ud3
8
vulnerability VCID-27bv-f11z-myak
9
vulnerability VCID-39qh-jayw-g3dh
10
vulnerability VCID-3ws4-1sak-r3ck
11
vulnerability VCID-4hha-2z31-2bf8
12
vulnerability VCID-4zcd-rbx3-qye5
13
vulnerability VCID-58p5-pfy3-xug1
14
vulnerability VCID-5svr-3vv9-mqea
15
vulnerability VCID-5ujs-47hf-g7gj
16
vulnerability VCID-5un8-xymy-37bt
17
vulnerability VCID-6745-tyba-33fa
18
vulnerability VCID-738z-myg9-37hr
19
vulnerability VCID-7jrx-ykk8-h3gp
20
vulnerability VCID-7wqd-99h2-e7hk
21
vulnerability VCID-7yvu-s3p2-sfhc
22
vulnerability VCID-a58z-fu87-9ybs
23
vulnerability VCID-a8z6-bswu-jue8
24
vulnerability VCID-am31-t2h3-zbgw
25
vulnerability VCID-azcz-b8f2-63be
26
vulnerability VCID-bb6v-z8yg-6fe3
27
vulnerability VCID-bcuq-n4vb-k7f3
28
vulnerability VCID-bx2m-n5ft-3be8
29
vulnerability VCID-cdzf-3ydt-8bdk
30
vulnerability VCID-f7n8-zzhz-fuc8
31
vulnerability VCID-f8vu-23bb-5ue7
32
vulnerability VCID-f9nm-d5ax-qkcb
33
vulnerability VCID-fhc8-r8gv-bugj
34
vulnerability VCID-g4n9-kg3s-pfcr
35
vulnerability VCID-g7ux-4vz2-ckfg
36
vulnerability VCID-gud1-yg9u-zyfp
37
vulnerability VCID-gueb-wzpx-ufb2
38
vulnerability VCID-h6xj-mys4-pucf
39
vulnerability VCID-hhms-2hg6-nke9
40
vulnerability VCID-j688-cyfg-p7gu
41
vulnerability VCID-jf17-h97b-6bak
42
vulnerability VCID-jnq1-hk6d-b3a3
43
vulnerability VCID-kkrm-dj79-4ucj
44
vulnerability VCID-kq38-7s5x-nqaz
45
vulnerability VCID-mh96-gkf1-9uek
46
vulnerability VCID-msd2-35g9-nyd2
47
vulnerability VCID-naac-snjw-qbad
48
vulnerability VCID-p8vk-yf66-wbb7
49
vulnerability VCID-p97a-kjpp-f3d8
50
vulnerability VCID-q46r-7nct-s3bw
51
vulnerability VCID-q8tg-prj1-y7b8
52
vulnerability VCID-qrnc-7ywu-37cz
53
vulnerability VCID-r2g9-c896-rkge
54
vulnerability VCID-raxd-4nxj-gkhp
55
vulnerability VCID-rt5e-saz2-j7c9
56
vulnerability VCID-secz-78pt-dben
57
vulnerability VCID-sutv-qt2x-2yc7
58
vulnerability VCID-swmn-7ns9-ekg1
59
vulnerability VCID-tcxd-z7f3-kkes
60
vulnerability VCID-td39-d3tf-vkhc
61
vulnerability VCID-tn33-re3r-yfhw
62
vulnerability VCID-vpkr-9akj-hbf6
63
vulnerability VCID-w472-84ep-fkdx
64
vulnerability VCID-w8ff-vxga-8qcz
65
vulnerability VCID-wmam-qmmg-6uay
66
vulnerability VCID-xgj8-zrta-kub9
67
vulnerability VCID-y41p-tgpa-m7cs
68
vulnerability VCID-y44u-23he-aya8
69
vulnerability VCID-yjtj-ydsg-u7ca
70
vulnerability VCID-z8ex-47nd-47cm
71
vulnerability VCID-zg98-v6dj-s7gv
72
vulnerability VCID-zqyj-7rr3-fqew
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0
aliases CVE-2016-8624
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-av4f-gxku-qbhp
6
url VCID-dndt-tapy-23d2
vulnerability_id VCID-dndt-tapy-23d2
summary curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5419
reference_id
reference_type
scores
0
value 0.01912
scoring_system epss
scoring_elements 0.83631
published_at 2026-06-04T12:55:00Z
1
value 0.01912
scoring_system epss
scoring_elements 0.83655
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5419
2
reference_url https://curl.se/docs/CVE-2016-5419.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2016-5419.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1362183
reference_id 1362183
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1362183
8
reference_url https://security.gentoo.org/glsa/201701-47
reference_id GLSA-201701-47
reference_type
scores
url https://security.gentoo.org/glsa/201701-47
9
reference_url https://access.redhat.com/errata/RHSA-2016:2575
reference_id RHSA-2016:2575
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2575
10
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
11
reference_url https://usn.ubuntu.com/3048-1/
reference_id USN-3048-1
reference_type
scores
url https://usn.ubuntu.com/3048-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.50.1
purl pkg:generic/curl.se/curl@7.50.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1y6d-7vfu-ybb3
7
vulnerability VCID-1zsv-4jdy-63en
8
vulnerability VCID-21ff-tazv-9ud3
9
vulnerability VCID-27bv-f11z-myak
10
vulnerability VCID-39qh-jayw-g3dh
11
vulnerability VCID-3ws4-1sak-r3ck
12
vulnerability VCID-4hha-2z31-2bf8
13
vulnerability VCID-4zcd-rbx3-qye5
14
vulnerability VCID-51ac-1jc2-vfed
15
vulnerability VCID-58p5-pfy3-xug1
16
vulnerability VCID-5svr-3vv9-mqea
17
vulnerability VCID-5ujs-47hf-g7gj
18
vulnerability VCID-5un8-xymy-37bt
19
vulnerability VCID-5xjw-u8ad-n3g5
20
vulnerability VCID-6745-tyba-33fa
21
vulnerability VCID-738z-myg9-37hr
22
vulnerability VCID-7jrx-ykk8-h3gp
23
vulnerability VCID-7wqd-99h2-e7hk
24
vulnerability VCID-7yvu-s3p2-sfhc
25
vulnerability VCID-a58z-fu87-9ybs
26
vulnerability VCID-a8z6-bswu-jue8
27
vulnerability VCID-am31-t2h3-zbgw
28
vulnerability VCID-av4f-gxku-qbhp
29
vulnerability VCID-azcz-b8f2-63be
30
vulnerability VCID-bb6v-z8yg-6fe3
31
vulnerability VCID-bcuq-n4vb-k7f3
32
vulnerability VCID-bx2m-n5ft-3be8
33
vulnerability VCID-cdzf-3ydt-8bdk
34
vulnerability VCID-f7n8-zzhz-fuc8
35
vulnerability VCID-f8vu-23bb-5ue7
36
vulnerability VCID-f9nm-d5ax-qkcb
37
vulnerability VCID-fhc8-r8gv-bugj
38
vulnerability VCID-g4n9-kg3s-pfcr
39
vulnerability VCID-g7ux-4vz2-ckfg
40
vulnerability VCID-gud1-yg9u-zyfp
41
vulnerability VCID-gueb-wzpx-ufb2
42
vulnerability VCID-h6xj-mys4-pucf
43
vulnerability VCID-hhms-2hg6-nke9
44
vulnerability VCID-j688-cyfg-p7gu
45
vulnerability VCID-jf17-h97b-6bak
46
vulnerability VCID-jnq1-hk6d-b3a3
47
vulnerability VCID-kkrm-dj79-4ucj
48
vulnerability VCID-kq38-7s5x-nqaz
49
vulnerability VCID-mh96-gkf1-9uek
50
vulnerability VCID-msd2-35g9-nyd2
51
vulnerability VCID-naac-snjw-qbad
52
vulnerability VCID-p8vk-yf66-wbb7
53
vulnerability VCID-p97a-kjpp-f3d8
54
vulnerability VCID-q46r-7nct-s3bw
55
vulnerability VCID-q8ja-keyk-fyfb
56
vulnerability VCID-q8tg-prj1-y7b8
57
vulnerability VCID-qe9z-wuze-tucq
58
vulnerability VCID-qrnc-7ywu-37cz
59
vulnerability VCID-r2g9-c896-rkge
60
vulnerability VCID-raxd-4nxj-gkhp
61
vulnerability VCID-rt5e-saz2-j7c9
62
vulnerability VCID-s2gu-8jpq-mub9
63
vulnerability VCID-secz-78pt-dben
64
vulnerability VCID-sesh-938m-x3f8
65
vulnerability VCID-snsg-c2up-b7cn
66
vulnerability VCID-sutv-qt2x-2yc7
67
vulnerability VCID-swmn-7ns9-ekg1
68
vulnerability VCID-tcxd-z7f3-kkes
69
vulnerability VCID-td39-d3tf-vkhc
70
vulnerability VCID-tn33-re3r-yfhw
71
vulnerability VCID-ugrr-z2zv-6qgp
72
vulnerability VCID-vfc1-yy11-bycp
73
vulnerability VCID-vpkr-9akj-hbf6
74
vulnerability VCID-w472-84ep-fkdx
75
vulnerability VCID-w8ff-vxga-8qcz
76
vulnerability VCID-wmam-qmmg-6uay
77
vulnerability VCID-xgj8-zrta-kub9
78
vulnerability VCID-xyze-msxs-1qem
79
vulnerability VCID-y41p-tgpa-m7cs
80
vulnerability VCID-y44u-23he-aya8
81
vulnerability VCID-yjtj-ydsg-u7ca
82
vulnerability VCID-z8ex-47nd-47cm
83
vulnerability VCID-zg98-v6dj-s7gv
84
vulnerability VCID-zqyj-7rr3-fqew
85
vulnerability VCID-zv25-wupq-bqfk
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.1
aliases CVE-2016-5419
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dndt-tapy-23d2
7
url VCID-f276-amhj-9yfx
vulnerability_id VCID-f276-amhj-9yfx
summary The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3153
reference_id
reference_type
scores
0
value 0.08372
scoring_system epss
scoring_elements 0.92451
published_at 2026-06-04T12:55:00Z
1
value 0.08372
scoring_system epss
scoring_elements 0.92464
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3153
2
reference_url https://curl.se/docs/CVE-2015-3153.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2015-3153.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1217341
reference_id 1217341
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1217341
5
reference_url https://usn.ubuntu.com/2591-1/
reference_id USN-2591-1
reference_type
scores
url https://usn.ubuntu.com/2591-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.42.1
purl pkg:generic/curl.se/curl@7.42.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1y6d-7vfu-ybb3
7
vulnerability VCID-1zsv-4jdy-63en
8
vulnerability VCID-21ff-tazv-9ud3
9
vulnerability VCID-27bv-f11z-myak
10
vulnerability VCID-39qh-jayw-g3dh
11
vulnerability VCID-3s4s-6c3v-7kgn
12
vulnerability VCID-3ws4-1sak-r3ck
13
vulnerability VCID-4hha-2z31-2bf8
14
vulnerability VCID-4zcd-rbx3-qye5
15
vulnerability VCID-51ac-1jc2-vfed
16
vulnerability VCID-5m1h-d3cm-dqfu
17
vulnerability VCID-5svr-3vv9-mqea
18
vulnerability VCID-5ujs-47hf-g7gj
19
vulnerability VCID-5un8-xymy-37bt
20
vulnerability VCID-5xjw-u8ad-n3g5
21
vulnerability VCID-6745-tyba-33fa
22
vulnerability VCID-6fv7-7u2t-gfgb
23
vulnerability VCID-6rk4-vb5u-bkg6
24
vulnerability VCID-738z-myg9-37hr
25
vulnerability VCID-7jrx-ykk8-h3gp
26
vulnerability VCID-7wqd-99h2-e7hk
27
vulnerability VCID-7yvu-s3p2-sfhc
28
vulnerability VCID-9rvz-5w86-u7e5
29
vulnerability VCID-a58z-fu87-9ybs
30
vulnerability VCID-a8z6-bswu-jue8
31
vulnerability VCID-am31-t2h3-zbgw
32
vulnerability VCID-av4f-gxku-qbhp
33
vulnerability VCID-azcz-b8f2-63be
34
vulnerability VCID-bb6v-z8yg-6fe3
35
vulnerability VCID-bcuq-n4vb-k7f3
36
vulnerability VCID-bx2m-n5ft-3be8
37
vulnerability VCID-cdar-9qhw-hke7
38
vulnerability VCID-cdzf-3ydt-8bdk
39
vulnerability VCID-dndt-tapy-23d2
40
vulnerability VCID-f7n8-zzhz-fuc8
41
vulnerability VCID-f8vu-23bb-5ue7
42
vulnerability VCID-f9nm-d5ax-qkcb
43
vulnerability VCID-fhc8-r8gv-bugj
44
vulnerability VCID-g4n9-kg3s-pfcr
45
vulnerability VCID-g7ux-4vz2-ckfg
46
vulnerability VCID-gud1-yg9u-zyfp
47
vulnerability VCID-gueb-wzpx-ufb2
48
vulnerability VCID-h6xj-mys4-pucf
49
vulnerability VCID-hhms-2hg6-nke9
50
vulnerability VCID-j688-cyfg-p7gu
51
vulnerability VCID-jf17-h97b-6bak
52
vulnerability VCID-kkrm-dj79-4ucj
53
vulnerability VCID-kq38-7s5x-nqaz
54
vulnerability VCID-mh96-gkf1-9uek
55
vulnerability VCID-mq44-5pmp-2qhh
56
vulnerability VCID-msd2-35g9-nyd2
57
vulnerability VCID-naac-snjw-qbad
58
vulnerability VCID-p8vk-yf66-wbb7
59
vulnerability VCID-p97a-kjpp-f3d8
60
vulnerability VCID-q46r-7nct-s3bw
61
vulnerability VCID-q8ja-keyk-fyfb
62
vulnerability VCID-q8tg-prj1-y7b8
63
vulnerability VCID-qe9z-wuze-tucq
64
vulnerability VCID-qrnc-7ywu-37cz
65
vulnerability VCID-r2g9-c896-rkge
66
vulnerability VCID-rfdp-gsgs-eubq
67
vulnerability VCID-rt5e-saz2-j7c9
68
vulnerability VCID-s2gu-8jpq-mub9
69
vulnerability VCID-secz-78pt-dben
70
vulnerability VCID-sesh-938m-x3f8
71
vulnerability VCID-snsg-c2up-b7cn
72
vulnerability VCID-sutv-qt2x-2yc7
73
vulnerability VCID-swmn-7ns9-ekg1
74
vulnerability VCID-tcxd-z7f3-kkes
75
vulnerability VCID-td39-d3tf-vkhc
76
vulnerability VCID-tn33-re3r-yfhw
77
vulnerability VCID-ugrr-z2zv-6qgp
78
vulnerability VCID-vfc1-yy11-bycp
79
vulnerability VCID-vpkr-9akj-hbf6
80
vulnerability VCID-w472-84ep-fkdx
81
vulnerability VCID-w8ff-vxga-8qcz
82
vulnerability VCID-xgj8-zrta-kub9
83
vulnerability VCID-xyze-msxs-1qem
84
vulnerability VCID-y41p-tgpa-m7cs
85
vulnerability VCID-y44u-23he-aya8
86
vulnerability VCID-yjtj-ydsg-u7ca
87
vulnerability VCID-z8ex-47nd-47cm
88
vulnerability VCID-zg98-v6dj-s7gv
89
vulnerability VCID-zqyj-7rr3-fqew
90
vulnerability VCID-zv25-wupq-bqfk
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.42.1
aliases CVE-2015-3153
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f276-amhj-9yfx
8
url VCID-f922-jx9w-mbc5
vulnerability_id VCID-f922-jx9w-mbc5
summary CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8150
reference_id
reference_type
scores
0
value 0.01225
scoring_system epss
scoring_elements 0.79462
published_at 2026-06-04T12:55:00Z
1
value 0.01225
scoring_system epss
scoring_elements 0.79489
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8150
2
reference_url https://curl.se/docs/CVE-2014-8150.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2014-8150.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1178692
reference_id 1178692
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1178692
5
reference_url https://security.gentoo.org/glsa/201701-47
reference_id GLSA-201701-47
reference_type
scores
url https://security.gentoo.org/glsa/201701-47
6
reference_url https://access.redhat.com/errata/RHSA-2015:1254
reference_id RHSA-2015:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1254
7
reference_url https://access.redhat.com/errata/RHSA-2015:2159
reference_id RHSA-2015:2159
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2159
8
reference_url https://usn.ubuntu.com/2474-1/
reference_id USN-2474-1
reference_type
scores
url https://usn.ubuntu.com/2474-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.40.0
purl pkg:generic/curl.se/curl@7.40.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1y6d-7vfu-ybb3
7
vulnerability VCID-1zsv-4jdy-63en
8
vulnerability VCID-21ff-tazv-9ud3
9
vulnerability VCID-27bv-f11z-myak
10
vulnerability VCID-39qh-jayw-g3dh
11
vulnerability VCID-3s4s-6c3v-7kgn
12
vulnerability VCID-3ws4-1sak-r3ck
13
vulnerability VCID-4hha-2z31-2bf8
14
vulnerability VCID-4zcd-rbx3-qye5
15
vulnerability VCID-51ac-1jc2-vfed
16
vulnerability VCID-5m1h-d3cm-dqfu
17
vulnerability VCID-5sem-gndf-97e6
18
vulnerability VCID-5svr-3vv9-mqea
19
vulnerability VCID-5ujs-47hf-g7gj
20
vulnerability VCID-5un8-xymy-37bt
21
vulnerability VCID-5xjw-u8ad-n3g5
22
vulnerability VCID-6745-tyba-33fa
23
vulnerability VCID-6fv7-7u2t-gfgb
24
vulnerability VCID-6rk4-vb5u-bkg6
25
vulnerability VCID-738z-myg9-37hr
26
vulnerability VCID-7jrx-ykk8-h3gp
27
vulnerability VCID-7wqd-99h2-e7hk
28
vulnerability VCID-7yvu-s3p2-sfhc
29
vulnerability VCID-8j6v-xbhy-7uc2
30
vulnerability VCID-9rvz-5w86-u7e5
31
vulnerability VCID-a58z-fu87-9ybs
32
vulnerability VCID-a8z6-bswu-jue8
33
vulnerability VCID-am31-t2h3-zbgw
34
vulnerability VCID-av4f-gxku-qbhp
35
vulnerability VCID-azcz-b8f2-63be
36
vulnerability VCID-bb6v-z8yg-6fe3
37
vulnerability VCID-bcuq-n4vb-k7f3
38
vulnerability VCID-bx2m-n5ft-3be8
39
vulnerability VCID-cdar-9qhw-hke7
40
vulnerability VCID-cdzf-3ydt-8bdk
41
vulnerability VCID-dndt-tapy-23d2
42
vulnerability VCID-f276-amhj-9yfx
43
vulnerability VCID-f8vu-23bb-5ue7
44
vulnerability VCID-f9nm-d5ax-qkcb
45
vulnerability VCID-fhc8-r8gv-bugj
46
vulnerability VCID-g4n9-kg3s-pfcr
47
vulnerability VCID-g7ux-4vz2-ckfg
48
vulnerability VCID-gud1-yg9u-zyfp
49
vulnerability VCID-gueb-wzpx-ufb2
50
vulnerability VCID-h6xj-mys4-pucf
51
vulnerability VCID-hhms-2hg6-nke9
52
vulnerability VCID-j688-cyfg-p7gu
53
vulnerability VCID-jf17-h97b-6bak
54
vulnerability VCID-kkrm-dj79-4ucj
55
vulnerability VCID-kq38-7s5x-nqaz
56
vulnerability VCID-mh96-gkf1-9uek
57
vulnerability VCID-mq44-5pmp-2qhh
58
vulnerability VCID-msd2-35g9-nyd2
59
vulnerability VCID-naac-snjw-qbad
60
vulnerability VCID-p8vk-yf66-wbb7
61
vulnerability VCID-p97a-kjpp-f3d8
62
vulnerability VCID-p9v4-nweu-vydg
63
vulnerability VCID-q46r-7nct-s3bw
64
vulnerability VCID-q8ja-keyk-fyfb
65
vulnerability VCID-q8tg-prj1-y7b8
66
vulnerability VCID-qe9z-wuze-tucq
67
vulnerability VCID-qrnc-7ywu-37cz
68
vulnerability VCID-r2g9-c896-rkge
69
vulnerability VCID-rfdp-gsgs-eubq
70
vulnerability VCID-rt5e-saz2-j7c9
71
vulnerability VCID-s2gu-8jpq-mub9
72
vulnerability VCID-s6gu-gm97-fyfk
73
vulnerability VCID-secz-78pt-dben
74
vulnerability VCID-sesh-938m-x3f8
75
vulnerability VCID-snsg-c2up-b7cn
76
vulnerability VCID-sutv-qt2x-2yc7
77
vulnerability VCID-swmn-7ns9-ekg1
78
vulnerability VCID-tcxd-z7f3-kkes
79
vulnerability VCID-td39-d3tf-vkhc
80
vulnerability VCID-tn33-re3r-yfhw
81
vulnerability VCID-ugrr-z2zv-6qgp
82
vulnerability VCID-vfc1-yy11-bycp
83
vulnerability VCID-vpkr-9akj-hbf6
84
vulnerability VCID-w472-84ep-fkdx
85
vulnerability VCID-w8ff-vxga-8qcz
86
vulnerability VCID-xgj8-zrta-kub9
87
vulnerability VCID-xyze-msxs-1qem
88
vulnerability VCID-y44u-23he-aya8
89
vulnerability VCID-yjtj-ydsg-u7ca
90
vulnerability VCID-z8ex-47nd-47cm
91
vulnerability VCID-zg98-v6dj-s7gv
92
vulnerability VCID-zqyj-7rr3-fqew
93
vulnerability VCID-zv25-wupq-bqfk
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.40.0
aliases CVE-2014-8150
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f922-jx9w-mbc5
9
url VCID-fhc8-r8gv-bugj
vulnerability_id VCID-fhc8-r8gv-bugj
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22876
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.29867
published_at 2026-06-05T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.29799
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22876
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://hackerone.com/reports/1101882
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://hackerone.com/reports/1101882
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1941964
reference_id 1941964
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1941964
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/
reference_id 2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269
reference_id 986269
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269
15
reference_url https://security.archlinux.org/AVG-1753
reference_id AVG-1753
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1753
16
reference_url https://security.archlinux.org/AVG-1754
reference_id AVG-1754
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1754
17
reference_url https://security.archlinux.org/AVG-1755
reference_id AVG-1755
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1755
18
reference_url https://security.archlinux.org/AVG-1756
reference_id AVG-1756
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1756
19
reference_url https://security.archlinux.org/AVG-1757
reference_id AVG-1757
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1757
20
reference_url https://security.archlinux.org/AVG-1758
reference_id AVG-1758
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1758
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22876
reference_id CVE-2021-22876
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22876
22
reference_url https://curl.se/docs/CVE-2021-22876.html
reference_id CVE-2021-22876.HTML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Low
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://curl.se/docs/CVE-2021-22876.html
23
reference_url https://security.gentoo.org/glsa/202105-36
reference_id GLSA-202105-36
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://security.gentoo.org/glsa/202105-36
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/
reference_id ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/
reference_id KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/
26
reference_url https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html
reference_id msg00019.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html
27
reference_url https://security.netapp.com/advisory/ntap-20210521-0007/
reference_id ntap-20210521-0007
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/
url https://security.netapp.com/advisory/ntap-20210521-0007/
28
reference_url https://access.redhat.com/errata/RHSA-2021:2471
reference_id RHSA-2021:2471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2471
29
reference_url https://access.redhat.com/errata/RHSA-2021:2472
reference_id RHSA-2021:2472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2472
30
reference_url https://access.redhat.com/errata/RHSA-2021:4511
reference_id RHSA-2021:4511
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4511
31
reference_url https://access.redhat.com/errata/RHSA-2022:1354
reference_id RHSA-2022:1354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1354
32
reference_url https://usn.ubuntu.com/4898-1/
reference_id USN-4898-1
reference_type
scores
url https://usn.ubuntu.com/4898-1/
33
reference_url https://usn.ubuntu.com/4903-1/
reference_id USN-4903-1
reference_type
scores
url https://usn.ubuntu.com/4903-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.76.0
purl pkg:generic/curl.se/curl@7.76.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1dw3-33ju-jkbs
3
vulnerability VCID-1m1w-rayk-sffe
4
vulnerability VCID-1zsv-4jdy-63en
5
vulnerability VCID-21ff-tazv-9ud3
6
vulnerability VCID-27bv-f11z-myak
7
vulnerability VCID-39qh-jayw-g3dh
8
vulnerability VCID-3p2z-61gq-muhs
9
vulnerability VCID-5un8-xymy-37bt
10
vulnerability VCID-6ggz-pa5t-77c4
11
vulnerability VCID-738z-myg9-37hr
12
vulnerability VCID-7wqd-99h2-e7hk
13
vulnerability VCID-7yvu-s3p2-sfhc
14
vulnerability VCID-7z3h-9pk3-rqct
15
vulnerability VCID-a58z-fu87-9ybs
16
vulnerability VCID-a8z6-bswu-jue8
17
vulnerability VCID-am31-t2h3-zbgw
18
vulnerability VCID-azcz-b8f2-63be
19
vulnerability VCID-bcuq-n4vb-k7f3
20
vulnerability VCID-bx2m-n5ft-3be8
21
vulnerability VCID-byzw-xw9s-pkga
22
vulnerability VCID-cdzf-3ydt-8bdk
23
vulnerability VCID-cfry-nx5h-kudv
24
vulnerability VCID-cjyz-fdnv-b3g4
25
vulnerability VCID-f9nm-d5ax-qkcb
26
vulnerability VCID-fcb7-8163-muf4
27
vulnerability VCID-g4n9-kg3s-pfcr
28
vulnerability VCID-g7ux-4vz2-ckfg
29
vulnerability VCID-gueb-wzpx-ufb2
30
vulnerability VCID-hhms-2hg6-nke9
31
vulnerability VCID-j688-cyfg-p7gu
32
vulnerability VCID-jnq1-hk6d-b3a3
33
vulnerability VCID-kkrm-dj79-4ucj
34
vulnerability VCID-kq38-7s5x-nqaz
35
vulnerability VCID-p155-gbtu-abg1
36
vulnerability VCID-p97a-kjpp-f3d8
37
vulnerability VCID-q8tg-prj1-y7b8
38
vulnerability VCID-r2g9-c896-rkge
39
vulnerability VCID-razg-yr7y-ukgd
40
vulnerability VCID-secz-78pt-dben
41
vulnerability VCID-sutv-qt2x-2yc7
42
vulnerability VCID-td39-d3tf-vkhc
43
vulnerability VCID-tzs5-qzhn-rqbk
44
vulnerability VCID-u1p8-s8vm-3yer
45
vulnerability VCID-urgp-rqyc-sqer
46
vulnerability VCID-v82t-s9e1-2fbw
47
vulnerability VCID-vgap-k5zw-9qbn
48
vulnerability VCID-vpkr-9akj-hbf6
49
vulnerability VCID-w472-84ep-fkdx
50
vulnerability VCID-w8ff-vxga-8qcz
51
vulnerability VCID-wbwx-5vg3-uqcd
52
vulnerability VCID-wgur-psum-pbck
53
vulnerability VCID-wmam-qmmg-6uay
54
vulnerability VCID-xgj8-zrta-kub9
55
vulnerability VCID-y41p-tgpa-m7cs
56
vulnerability VCID-y44u-23he-aya8
57
vulnerability VCID-yjtj-ydsg-u7ca
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.76.0
aliases CVE-2021-22876
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhc8-r8gv-bugj
10
url VCID-g72q-eedp-aufb
vulnerability_id VCID-g72q-eedp-aufb
summary The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1944
reference_id
reference_type
scores
0
value 0.02482
scoring_system epss
scoring_elements 0.85568
published_at 2026-06-04T12:55:00Z
1
value 0.02482
scoring_system epss
scoring_elements 0.8559
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1944
2
reference_url https://curl.se/docs/CVE-2013-1944.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2013-1944.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274
reference_id 705274
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=950577
reference_id 950577
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=950577
6
reference_url https://security.gentoo.org/glsa/201401-14
reference_id GLSA-201401-14
reference_type
scores
url https://security.gentoo.org/glsa/201401-14
7
reference_url https://access.redhat.com/errata/RHSA-2013:0771
reference_id RHSA-2013:0771
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0771
8
reference_url https://usn.ubuntu.com/1801-1/
reference_id USN-1801-1
reference_type
scores
url https://usn.ubuntu.com/1801-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.30.0
purl pkg:generic/curl.se/curl@7.30.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1zsv-4jdy-63en
7
vulnerability VCID-2u6v-6vm9-z3by
8
vulnerability VCID-39qh-jayw-g3dh
9
vulnerability VCID-3s4s-6c3v-7kgn
10
vulnerability VCID-4zcd-rbx3-qye5
11
vulnerability VCID-51ac-1jc2-vfed
12
vulnerability VCID-5svr-3vv9-mqea
13
vulnerability VCID-5ujs-47hf-g7gj
14
vulnerability VCID-5xjw-u8ad-n3g5
15
vulnerability VCID-6745-tyba-33fa
16
vulnerability VCID-6fv7-7u2t-gfgb
17
vulnerability VCID-6rk4-vb5u-bkg6
18
vulnerability VCID-738z-myg9-37hr
19
vulnerability VCID-7jrx-ykk8-h3gp
20
vulnerability VCID-7wqd-99h2-e7hk
21
vulnerability VCID-7yvu-s3p2-sfhc
22
vulnerability VCID-8j6v-xbhy-7uc2
23
vulnerability VCID-a58z-fu87-9ybs
24
vulnerability VCID-a8z6-bswu-jue8
25
vulnerability VCID-am31-t2h3-zbgw
26
vulnerability VCID-av4f-gxku-qbhp
27
vulnerability VCID-azcz-b8f2-63be
28
vulnerability VCID-bcuq-n4vb-k7f3
29
vulnerability VCID-bx2m-n5ft-3be8
30
vulnerability VCID-cdar-9qhw-hke7
31
vulnerability VCID-cdzf-3ydt-8bdk
32
vulnerability VCID-cmcn-f8ws-q3h2
33
vulnerability VCID-cxy6-vzz9-w3ff
34
vulnerability VCID-dndt-tapy-23d2
35
vulnerability VCID-e4qf-7gqs-qyg3
36
vulnerability VCID-f276-amhj-9yfx
37
vulnerability VCID-f922-jx9w-mbc5
38
vulnerability VCID-f9nm-d5ax-qkcb
39
vulnerability VCID-fhc8-r8gv-bugj
40
vulnerability VCID-g4n9-kg3s-pfcr
41
vulnerability VCID-g7ux-4vz2-ckfg
42
vulnerability VCID-gud1-yg9u-zyfp
43
vulnerability VCID-gueb-wzpx-ufb2
44
vulnerability VCID-h6xj-mys4-pucf
45
vulnerability VCID-hhu3-dp3m-gbgm
46
vulnerability VCID-jf17-h97b-6bak
47
vulnerability VCID-kkrm-dj79-4ucj
48
vulnerability VCID-msd2-35g9-nyd2
49
vulnerability VCID-naac-snjw-qbad
50
vulnerability VCID-nkmd-xb13-mbg9
51
vulnerability VCID-p8vk-yf66-wbb7
52
vulnerability VCID-p97a-kjpp-f3d8
53
vulnerability VCID-p9v4-nweu-vydg
54
vulnerability VCID-q46r-7nct-s3bw
55
vulnerability VCID-q8ja-keyk-fyfb
56
vulnerability VCID-q8tg-prj1-y7b8
57
vulnerability VCID-q9ht-ra39-kuef
58
vulnerability VCID-qe9z-wuze-tucq
59
vulnerability VCID-r2g9-c896-rkge
60
vulnerability VCID-rfdp-gsgs-eubq
61
vulnerability VCID-rt5e-saz2-j7c9
62
vulnerability VCID-s2gu-8jpq-mub9
63
vulnerability VCID-secz-78pt-dben
64
vulnerability VCID-sesh-938m-x3f8
65
vulnerability VCID-snsg-c2up-b7cn
66
vulnerability VCID-sutv-qt2x-2yc7
67
vulnerability VCID-swmn-7ns9-ekg1
68
vulnerability VCID-tcxd-z7f3-kkes
69
vulnerability VCID-td39-d3tf-vkhc
70
vulnerability VCID-tn33-re3r-yfhw
71
vulnerability VCID-tyqp-e8cp-dbbm
72
vulnerability VCID-ugrr-z2zv-6qgp
73
vulnerability VCID-uh5a-zcds-3bcc
74
vulnerability VCID-vfc1-yy11-bycp
75
vulnerability VCID-vpkr-9akj-hbf6
76
vulnerability VCID-w472-84ep-fkdx
77
vulnerability VCID-w8ff-vxga-8qcz
78
vulnerability VCID-xgj8-zrta-kub9
79
vulnerability VCID-xsnb-eujr-y7bz
80
vulnerability VCID-xyze-msxs-1qem
81
vulnerability VCID-y44u-23he-aya8
82
vulnerability VCID-z8ex-47nd-47cm
83
vulnerability VCID-zg98-v6dj-s7gv
84
vulnerability VCID-zqyj-7rr3-fqew
85
vulnerability VCID-zv25-wupq-bqfk
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.30.0
aliases CVE-2013-1944
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g72q-eedp-aufb
11
url VCID-kkrm-dj79-4ucj
vulnerability_id VCID-kkrm-dj79-4ucj
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27776
reference_id
reference_type
scores
0
value 0.00682
scoring_system epss
scoring_elements 0.72057
published_at 2026-06-05T12:55:00Z
1
value 0.00682
scoring_system epss
scoring_elements 0.72016
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27776
2
reference_url https://curl.se/docs/CVE-2022-27776.html
reference_id
reference_type
scores
0
value Low
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2022-27776.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url https://hackerone.com/reports/1547048
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/
url https://hackerone.com/reports/1547048
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252
reference_id 1010252
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2078408
reference_id 2078408
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2078408
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/
reference_id 7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/
23
reference_url https://security.archlinux.org/AVG-2685
reference_id AVG-2685
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2685
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/
reference_id DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/
25
reference_url https://www.debian.org/security/2022/dsa-5197
reference_id dsa-5197
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/
url https://www.debian.org/security/2022/dsa-5197
26
reference_url https://security.gentoo.org/glsa/202212-01
reference_id GLSA-202212-01
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/
url https://security.gentoo.org/glsa/202212-01
27
reference_url https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/
url https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
28
reference_url https://security.netapp.com/advisory/ntap-20220609-0008/
reference_id ntap-20220609-0008
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/
url https://security.netapp.com/advisory/ntap-20220609-0008/
29
reference_url https://access.redhat.com/errata/RHSA-2022:5245
reference_id RHSA-2022:5245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5245
30
reference_url https://access.redhat.com/errata/RHSA-2022:5313
reference_id RHSA-2022:5313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5313
31
reference_url https://usn.ubuntu.com/5397-1/
reference_id USN-5397-1
reference_type
scores
url https://usn.ubuntu.com/5397-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.83.0
purl pkg:generic/curl.se/curl@7.83.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1k-d4ez-ybdu
1
vulnerability VCID-1dw3-33ju-jkbs
2
vulnerability VCID-1zsv-4jdy-63en
3
vulnerability VCID-21ff-tazv-9ud3
4
vulnerability VCID-287k-bzqy-n7ag
5
vulnerability VCID-39qh-jayw-g3dh
6
vulnerability VCID-3p2z-61gq-muhs
7
vulnerability VCID-5m9y-9y57-kqg6
8
vulnerability VCID-5un8-xymy-37bt
9
vulnerability VCID-6en5-etsd-2bce
10
vulnerability VCID-6ggz-pa5t-77c4
11
vulnerability VCID-7wqd-99h2-e7hk
12
vulnerability VCID-7z3h-9pk3-rqct
13
vulnerability VCID-a8z6-bswu-jue8
14
vulnerability VCID-azcz-b8f2-63be
15
vulnerability VCID-bcuq-n4vb-k7f3
16
vulnerability VCID-bx2m-n5ft-3be8
17
vulnerability VCID-cdzf-3ydt-8bdk
18
vulnerability VCID-cfry-nx5h-kudv
19
vulnerability VCID-f9nm-d5ax-qkcb
20
vulnerability VCID-fcb7-8163-muf4
21
vulnerability VCID-g4n9-kg3s-pfcr
22
vulnerability VCID-g7ux-4vz2-ckfg
23
vulnerability VCID-gueb-wzpx-ufb2
24
vulnerability VCID-h4nw-va5b-23ef
25
vulnerability VCID-hb4z-s871-d7ck
26
vulnerability VCID-hhms-2hg6-nke9
27
vulnerability VCID-jnq1-hk6d-b3a3
28
vulnerability VCID-k5vr-1fmp-sqbw
29
vulnerability VCID-kq38-7s5x-nqaz
30
vulnerability VCID-mqzd-mcw5-s3h6
31
vulnerability VCID-mray-vkqx-5ka7
32
vulnerability VCID-ns58-vmsz-5ued
33
vulnerability VCID-nwvb-d466-4uaa
34
vulnerability VCID-p155-gbtu-abg1
35
vulnerability VCID-p97a-kjpp-f3d8
36
vulnerability VCID-r2g9-c896-rkge
37
vulnerability VCID-razg-yr7y-ukgd
38
vulnerability VCID-secz-78pt-dben
39
vulnerability VCID-sutv-qt2x-2yc7
40
vulnerability VCID-tzs5-qzhn-rqbk
41
vulnerability VCID-u1p8-s8vm-3yer
42
vulnerability VCID-v82t-s9e1-2fbw
43
vulnerability VCID-vpkr-9akj-hbf6
44
vulnerability VCID-w472-84ep-fkdx
45
vulnerability VCID-w8ff-vxga-8qcz
46
vulnerability VCID-wbwx-5vg3-uqcd
47
vulnerability VCID-wgur-psum-pbck
48
vulnerability VCID-wmam-qmmg-6uay
49
vulnerability VCID-xgj8-zrta-kub9
50
vulnerability VCID-y41p-tgpa-m7cs
51
vulnerability VCID-y44u-23he-aya8
52
vulnerability VCID-yjtj-ydsg-u7ca
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0
aliases CVE-2022-27776
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kkrm-dj79-4ucj
12
url VCID-msd2-35g9-nyd2
vulnerability_id VCID-msd2-35g9-nyd2
summary A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8284
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24369
published_at 2026-06-05T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24269
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8284
2
reference_url https://curl.se/docs/CVE-2020-8284.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Low
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://curl.se/docs/CVE-2020-8284.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://hackerone.com/reports/1040166
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://hackerone.com/reports/1040166
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1902667
reference_id 1902667
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1902667
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163
reference_id 977163
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163
15
reference_url https://security.archlinux.org/AVG-1337
reference_id AVG-1337
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1337
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/
reference_id DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/
17
reference_url https://www.debian.org/security/2021/dsa-4881
reference_id dsa-4881
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://www.debian.org/security/2021/dsa-4881
18
reference_url https://security.gentoo.org/glsa/202012-14
reference_id GLSA-202012-14
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://security.gentoo.org/glsa/202012-14
19
reference_url https://support.apple.com/kb/HT212325
reference_id HT212325
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://support.apple.com/kb/HT212325
20
reference_url https://support.apple.com/kb/HT212326
reference_id HT212326
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://support.apple.com/kb/HT212326
21
reference_url https://support.apple.com/kb/HT212327
reference_id HT212327
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://support.apple.com/kb/HT212327
22
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html
23
reference_url https://security.netapp.com/advisory/ntap-20210122-0007/
reference_id ntap-20210122-0007
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://security.netapp.com/advisory/ntap-20210122-0007/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/
reference_id NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/
25
reference_url https://access.redhat.com/errata/RHSA-2021:1610
reference_id RHSA-2021:1610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1610
26
reference_url https://access.redhat.com/errata/RHSA-2021:2471
reference_id RHSA-2021:2471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2471
27
reference_url https://access.redhat.com/errata/RHSA-2021:2472
reference_id RHSA-2021:2472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2472
28
reference_url https://usn.ubuntu.com/4665-1/
reference_id USN-4665-1
reference_type
scores
url https://usn.ubuntu.com/4665-1/
29
reference_url https://usn.ubuntu.com/4665-2/
reference_id USN-4665-2
reference_type
scores
url https://usn.ubuntu.com/4665-2/
fixed_packages
0
url pkg:generic/curl.se/curl@7.74.0
purl pkg:generic/curl.se/curl@7.74.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1dw3-33ju-jkbs
3
vulnerability VCID-1m1w-rayk-sffe
4
vulnerability VCID-1zsv-4jdy-63en
5
vulnerability VCID-21ff-tazv-9ud3
6
vulnerability VCID-27bv-f11z-myak
7
vulnerability VCID-39qh-jayw-g3dh
8
vulnerability VCID-5un8-xymy-37bt
9
vulnerability VCID-6ggz-pa5t-77c4
10
vulnerability VCID-738z-myg9-37hr
11
vulnerability VCID-7wqd-99h2-e7hk
12
vulnerability VCID-7yvu-s3p2-sfhc
13
vulnerability VCID-7z3h-9pk3-rqct
14
vulnerability VCID-a58z-fu87-9ybs
15
vulnerability VCID-a8z6-bswu-jue8
16
vulnerability VCID-am31-t2h3-zbgw
17
vulnerability VCID-azcz-b8f2-63be
18
vulnerability VCID-bcuq-n4vb-k7f3
19
vulnerability VCID-bx2m-n5ft-3be8
20
vulnerability VCID-byzw-xw9s-pkga
21
vulnerability VCID-cdzf-3ydt-8bdk
22
vulnerability VCID-cfry-nx5h-kudv
23
vulnerability VCID-cjyz-fdnv-b3g4
24
vulnerability VCID-f9nm-d5ax-qkcb
25
vulnerability VCID-fcb7-8163-muf4
26
vulnerability VCID-fhc8-r8gv-bugj
27
vulnerability VCID-g4n9-kg3s-pfcr
28
vulnerability VCID-g7ux-4vz2-ckfg
29
vulnerability VCID-gueb-wzpx-ufb2
30
vulnerability VCID-hhms-2hg6-nke9
31
vulnerability VCID-j688-cyfg-p7gu
32
vulnerability VCID-jnq1-hk6d-b3a3
33
vulnerability VCID-kkrm-dj79-4ucj
34
vulnerability VCID-kn6z-caj8-bbc9
35
vulnerability VCID-kq38-7s5x-nqaz
36
vulnerability VCID-p155-gbtu-abg1
37
vulnerability VCID-p97a-kjpp-f3d8
38
vulnerability VCID-q8tg-prj1-y7b8
39
vulnerability VCID-r2g9-c896-rkge
40
vulnerability VCID-razg-yr7y-ukgd
41
vulnerability VCID-secz-78pt-dben
42
vulnerability VCID-sutv-qt2x-2yc7
43
vulnerability VCID-td39-d3tf-vkhc
44
vulnerability VCID-tzs5-qzhn-rqbk
45
vulnerability VCID-urgp-rqyc-sqer
46
vulnerability VCID-v82t-s9e1-2fbw
47
vulnerability VCID-vpkr-9akj-hbf6
48
vulnerability VCID-w472-84ep-fkdx
49
vulnerability VCID-w8ff-vxga-8qcz
50
vulnerability VCID-wbwx-5vg3-uqcd
51
vulnerability VCID-wgur-psum-pbck
52
vulnerability VCID-wmam-qmmg-6uay
53
vulnerability VCID-xgj8-zrta-kub9
54
vulnerability VCID-y41p-tgpa-m7cs
55
vulnerability VCID-y44u-23he-aya8
56
vulnerability VCID-yjtj-ydsg-u7ca
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0
aliases CVE-2020-8284
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-msd2-35g9-nyd2
13
url VCID-q2wq-jd4k-8kdr
vulnerability_id VCID-q2wq-jd4k-8kdr
summary curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-1605
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59711
published_at 2026-06-04T12:55:00Z
1
value 0.00379
scoring_system epss
scoring_elements 0.5976
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-1605
1
reference_url https://curl.se/docs/CVE-2003-1605.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2003-1605.html
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1605
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:generic/curl.se/curl@7.10.7
purl pkg:generic/curl.se/curl@7.10.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1k-d4ez-ybdu
1
vulnerability VCID-1b5g-9trz-7ufb
2
vulnerability VCID-1dw3-33ju-jkbs
3
vulnerability VCID-39qh-jayw-g3dh
4
vulnerability VCID-5xjw-u8ad-n3g5
5
vulnerability VCID-64mt-9155-tkbv
6
vulnerability VCID-6fv7-7u2t-gfgb
7
vulnerability VCID-6rk4-vb5u-bkg6
8
vulnerability VCID-738z-myg9-37hr
9
vulnerability VCID-8j6v-xbhy-7uc2
10
vulnerability VCID-a58z-fu87-9ybs
11
vulnerability VCID-a8z6-bswu-jue8
12
vulnerability VCID-am31-t2h3-zbgw
13
vulnerability VCID-av4f-gxku-qbhp
14
vulnerability VCID-azcz-b8f2-63be
15
vulnerability VCID-cdar-9qhw-hke7
16
vulnerability VCID-cdzf-3ydt-8bdk
17
vulnerability VCID-dndt-tapy-23d2
18
vulnerability VCID-e4qf-7gqs-qyg3
19
vulnerability VCID-f276-amhj-9yfx
20
vulnerability VCID-f922-jx9w-mbc5
21
vulnerability VCID-fhc8-r8gv-bugj
22
vulnerability VCID-g72q-eedp-aufb
23
vulnerability VCID-g7ux-4vz2-ckfg
24
vulnerability VCID-hhu3-dp3m-gbgm
25
vulnerability VCID-jwmh-kyed-1uca
26
vulnerability VCID-kkrm-dj79-4ucj
27
vulnerability VCID-msd2-35g9-nyd2
28
vulnerability VCID-naac-snjw-qbad
29
vulnerability VCID-nnv5-72sv-afbb
30
vulnerability VCID-p9v4-nweu-vydg
31
vulnerability VCID-q2kb-mjg4-uba1
32
vulnerability VCID-q9ht-ra39-kuef
33
vulnerability VCID-qe9z-wuze-tucq
34
vulnerability VCID-rt5e-saz2-j7c9
35
vulnerability VCID-sesh-938m-x3f8
36
vulnerability VCID-snsg-c2up-b7cn
37
vulnerability VCID-sutv-qt2x-2yc7
38
vulnerability VCID-td39-d3tf-vkhc
39
vulnerability VCID-tyqp-e8cp-dbbm
40
vulnerability VCID-uh5a-zcds-3bcc
41
vulnerability VCID-vfc1-yy11-bycp
42
vulnerability VCID-vnqb-6t3e-rudt
43
vulnerability VCID-w472-84ep-fkdx
44
vulnerability VCID-wc29-pw8g-mkgj
45
vulnerability VCID-xyze-msxs-1qem
46
vulnerability VCID-y44u-23he-aya8
47
vulnerability VCID-y8yr-dfz4-67fp
48
vulnerability VCID-zqyj-7rr3-fqew
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.10.7
aliases CVE-2003-1605
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2wq-jd4k-8kdr
14
url VCID-rt5e-saz2-j7c9
vulnerability_id VCID-rt5e-saz2-j7c9
summary libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000007
reference_id
reference_type
scores
0
value 0.03854
scoring_system epss
scoring_elements 0.88416
published_at 2026-06-04T12:55:00Z
1
value 0.03854
scoring_system epss
scoring_elements 0.88434
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000007
2
reference_url https://curl.se/docs/CVE-2018-1000007.html
reference_id
reference_type
scores
0
value Low
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2018-1000007.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1537125
reference_id 1537125
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1537125
6
reference_url https://security.archlinux.org/ASA-201801-20
reference_id ASA-201801-20
reference_type
scores
url https://security.archlinux.org/ASA-201801-20
7
reference_url https://security.archlinux.org/ASA-201801-22
reference_id ASA-201801-22
reference_type
scores
url https://security.archlinux.org/ASA-201801-22
8
reference_url https://security.archlinux.org/ASA-201801-23
reference_id ASA-201801-23
reference_type
scores
url https://security.archlinux.org/ASA-201801-23
9
reference_url https://security.archlinux.org/ASA-201801-24
reference_id ASA-201801-24
reference_type
scores
url https://security.archlinux.org/ASA-201801-24
10
reference_url https://security.archlinux.org/ASA-201801-25
reference_id ASA-201801-25
reference_type
scores
url https://security.archlinux.org/ASA-201801-25
11
reference_url https://security.archlinux.org/ASA-201801-26
reference_id ASA-201801-26
reference_type
scores
url https://security.archlinux.org/ASA-201801-26
12
reference_url https://security.archlinux.org/AVG-593
reference_id AVG-593
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-593
13
reference_url https://security.archlinux.org/AVG-594
reference_id AVG-594
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-594
14
reference_url https://security.archlinux.org/AVG-595
reference_id AVG-595
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-595
15
reference_url https://security.archlinux.org/AVG-596
reference_id AVG-596
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-596
16
reference_url https://security.archlinux.org/AVG-597
reference_id AVG-597
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-597
17
reference_url https://security.archlinux.org/AVG-598
reference_id AVG-598
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-598
18
reference_url https://security.gentoo.org/glsa/201804-04
reference_id GLSA-201804-04
reference_type
scores
url https://security.gentoo.org/glsa/201804-04
19
reference_url https://usn.ubuntu.com/3554-1/
reference_id USN-3554-1
reference_type
scores
url https://usn.ubuntu.com/3554-1/
20
reference_url https://usn.ubuntu.com/3554-2/
reference_id USN-3554-2
reference_type
scores
url https://usn.ubuntu.com/3554-2/
fixed_packages
0
url pkg:generic/curl.se/curl@7.58.0
purl pkg:generic/curl.se/curl@7.58.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1dw3-33ju-jkbs
3
vulnerability VCID-1kpz-55f1-f7dj
4
vulnerability VCID-1m1w-rayk-sffe
5
vulnerability VCID-1zsv-4jdy-63en
6
vulnerability VCID-21ff-tazv-9ud3
7
vulnerability VCID-27bv-f11z-myak
8
vulnerability VCID-39qh-jayw-g3dh
9
vulnerability VCID-3ws4-1sak-r3ck
10
vulnerability VCID-4hha-2z31-2bf8
11
vulnerability VCID-4zcd-rbx3-qye5
12
vulnerability VCID-58p5-pfy3-xug1
13
vulnerability VCID-5ujs-47hf-g7gj
14
vulnerability VCID-5un8-xymy-37bt
15
vulnerability VCID-6745-tyba-33fa
16
vulnerability VCID-738z-myg9-37hr
17
vulnerability VCID-7wqd-99h2-e7hk
18
vulnerability VCID-7yvu-s3p2-sfhc
19
vulnerability VCID-a58z-fu87-9ybs
20
vulnerability VCID-a8z6-bswu-jue8
21
vulnerability VCID-am31-t2h3-zbgw
22
vulnerability VCID-azcz-b8f2-63be
23
vulnerability VCID-bb6v-z8yg-6fe3
24
vulnerability VCID-bcuq-n4vb-k7f3
25
vulnerability VCID-bx2m-n5ft-3be8
26
vulnerability VCID-cdzf-3ydt-8bdk
27
vulnerability VCID-cfry-nx5h-kudv
28
vulnerability VCID-f7n8-zzhz-fuc8
29
vulnerability VCID-f9nm-d5ax-qkcb
30
vulnerability VCID-fcb7-8163-muf4
31
vulnerability VCID-fhc8-r8gv-bugj
32
vulnerability VCID-g4n9-kg3s-pfcr
33
vulnerability VCID-g7ux-4vz2-ckfg
34
vulnerability VCID-gud1-yg9u-zyfp
35
vulnerability VCID-gueb-wzpx-ufb2
36
vulnerability VCID-h6xj-mys4-pucf
37
vulnerability VCID-hhms-2hg6-nke9
38
vulnerability VCID-j688-cyfg-p7gu
39
vulnerability VCID-jnq1-hk6d-b3a3
40
vulnerability VCID-kae8-wmf2-2kf1
41
vulnerability VCID-kkrm-dj79-4ucj
42
vulnerability VCID-kq38-7s5x-nqaz
43
vulnerability VCID-msd2-35g9-nyd2
44
vulnerability VCID-p7mn-a632-c3ag
45
vulnerability VCID-p8vk-yf66-wbb7
46
vulnerability VCID-p97a-kjpp-f3d8
47
vulnerability VCID-q46r-7nct-s3bw
48
vulnerability VCID-q8tg-prj1-y7b8
49
vulnerability VCID-qrnc-7ywu-37cz
50
vulnerability VCID-r2g9-c896-rkge
51
vulnerability VCID-secz-78pt-dben
52
vulnerability VCID-sutv-qt2x-2yc7
53
vulnerability VCID-tcxd-z7f3-kkes
54
vulnerability VCID-td39-d3tf-vkhc
55
vulnerability VCID-tn33-re3r-yfhw
56
vulnerability VCID-uj78-2cgz-zbdb
57
vulnerability VCID-v82t-s9e1-2fbw
58
vulnerability VCID-vpkr-9akj-hbf6
59
vulnerability VCID-w472-84ep-fkdx
60
vulnerability VCID-w8ff-vxga-8qcz
61
vulnerability VCID-wbwx-5vg3-uqcd
62
vulnerability VCID-wmam-qmmg-6uay
63
vulnerability VCID-xgj8-zrta-kub9
64
vulnerability VCID-y41p-tgpa-m7cs
65
vulnerability VCID-y44u-23he-aya8
66
vulnerability VCID-yjtj-ydsg-u7ca
67
vulnerability VCID-zg98-v6dj-s7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0
aliases CVE-2018-1000007
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rt5e-saz2-j7c9
15
url VCID-sesh-938m-x3f8
vulnerability_id VCID-sesh-938m-x3f8
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8618
reference_id
reference_type
scores
0
value 0.01811
scoring_system epss
scoring_elements 0.83202
published_at 2026-06-05T12:55:00Z
1
value 0.01811
scoring_system epss
scoring_elements 0.83176
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8618
2
reference_url https://curl.se/docs/CVE-2016-8618.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2016-8618.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1388378
reference_id 1388378
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1388378
15
reference_url https://security.archlinux.org/ASA-201611-10
reference_id ASA-201611-10
reference_type
scores
url https://security.archlinux.org/ASA-201611-10
16
reference_url https://security.archlinux.org/ASA-201611-4
reference_id ASA-201611-4
reference_type
scores
url https://security.archlinux.org/ASA-201611-4
17
reference_url https://security.archlinux.org/ASA-201611-5
reference_id ASA-201611-5
reference_type
scores
url https://security.archlinux.org/ASA-201611-5
18
reference_url https://security.archlinux.org/AVG-61
reference_id AVG-61
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-61
19
reference_url https://security.archlinux.org/AVG-63
reference_id AVG-63
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-63
20
reference_url https://security.archlinux.org/AVG-66
reference_id AVG-66
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-66
21
reference_url https://security.gentoo.org/glsa/201701-47
reference_id GLSA-201701-47
reference_type
scores
url https://security.gentoo.org/glsa/201701-47
22
reference_url https://usn.ubuntu.com/3123-1/
reference_id USN-3123-1
reference_type
scores
url https://usn.ubuntu.com/3123-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.51.0
purl pkg:generic/curl.se/curl@7.51.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1zsv-4jdy-63en
7
vulnerability VCID-21ff-tazv-9ud3
8
vulnerability VCID-27bv-f11z-myak
9
vulnerability VCID-39qh-jayw-g3dh
10
vulnerability VCID-3ws4-1sak-r3ck
11
vulnerability VCID-4hha-2z31-2bf8
12
vulnerability VCID-4zcd-rbx3-qye5
13
vulnerability VCID-58p5-pfy3-xug1
14
vulnerability VCID-5svr-3vv9-mqea
15
vulnerability VCID-5ujs-47hf-g7gj
16
vulnerability VCID-5un8-xymy-37bt
17
vulnerability VCID-6745-tyba-33fa
18
vulnerability VCID-738z-myg9-37hr
19
vulnerability VCID-7jrx-ykk8-h3gp
20
vulnerability VCID-7wqd-99h2-e7hk
21
vulnerability VCID-7yvu-s3p2-sfhc
22
vulnerability VCID-a58z-fu87-9ybs
23
vulnerability VCID-a8z6-bswu-jue8
24
vulnerability VCID-am31-t2h3-zbgw
25
vulnerability VCID-azcz-b8f2-63be
26
vulnerability VCID-bb6v-z8yg-6fe3
27
vulnerability VCID-bcuq-n4vb-k7f3
28
vulnerability VCID-bx2m-n5ft-3be8
29
vulnerability VCID-cdzf-3ydt-8bdk
30
vulnerability VCID-f7n8-zzhz-fuc8
31
vulnerability VCID-f8vu-23bb-5ue7
32
vulnerability VCID-f9nm-d5ax-qkcb
33
vulnerability VCID-fhc8-r8gv-bugj
34
vulnerability VCID-g4n9-kg3s-pfcr
35
vulnerability VCID-g7ux-4vz2-ckfg
36
vulnerability VCID-gud1-yg9u-zyfp
37
vulnerability VCID-gueb-wzpx-ufb2
38
vulnerability VCID-h6xj-mys4-pucf
39
vulnerability VCID-hhms-2hg6-nke9
40
vulnerability VCID-j688-cyfg-p7gu
41
vulnerability VCID-jf17-h97b-6bak
42
vulnerability VCID-jnq1-hk6d-b3a3
43
vulnerability VCID-kkrm-dj79-4ucj
44
vulnerability VCID-kq38-7s5x-nqaz
45
vulnerability VCID-mh96-gkf1-9uek
46
vulnerability VCID-msd2-35g9-nyd2
47
vulnerability VCID-naac-snjw-qbad
48
vulnerability VCID-p8vk-yf66-wbb7
49
vulnerability VCID-p97a-kjpp-f3d8
50
vulnerability VCID-q46r-7nct-s3bw
51
vulnerability VCID-q8tg-prj1-y7b8
52
vulnerability VCID-qrnc-7ywu-37cz
53
vulnerability VCID-r2g9-c896-rkge
54
vulnerability VCID-raxd-4nxj-gkhp
55
vulnerability VCID-rt5e-saz2-j7c9
56
vulnerability VCID-secz-78pt-dben
57
vulnerability VCID-sutv-qt2x-2yc7
58
vulnerability VCID-swmn-7ns9-ekg1
59
vulnerability VCID-tcxd-z7f3-kkes
60
vulnerability VCID-td39-d3tf-vkhc
61
vulnerability VCID-tn33-re3r-yfhw
62
vulnerability VCID-vpkr-9akj-hbf6
63
vulnerability VCID-w472-84ep-fkdx
64
vulnerability VCID-w8ff-vxga-8qcz
65
vulnerability VCID-wmam-qmmg-6uay
66
vulnerability VCID-xgj8-zrta-kub9
67
vulnerability VCID-y41p-tgpa-m7cs
68
vulnerability VCID-y44u-23he-aya8
69
vulnerability VCID-yjtj-ydsg-u7ca
70
vulnerability VCID-z8ex-47nd-47cm
71
vulnerability VCID-zg98-v6dj-s7gv
72
vulnerability VCID-zqyj-7rr3-fqew
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0
aliases CVE-2016-8618
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sesh-938m-x3f8
16
url VCID-uh5a-zcds-3bcc
vulnerability_id VCID-uh5a-zcds-3bcc
summary cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3613
reference_id
reference_type
scores
0
value 0.0182
scoring_system epss
scoring_elements 0.83211
published_at 2026-06-04T12:55:00Z
1
value 0.0182
scoring_system epss
scoring_elements 0.83237
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3613
2
reference_url https://curl.se/docs/CVE-2014-3613.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2014-3613.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1136154
reference_id 1136154
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1136154
5
reference_url https://access.redhat.com/errata/RHSA-2015:1254
reference_id RHSA-2015:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1254
6
reference_url https://access.redhat.com/errata/RHSA-2015:2159
reference_id RHSA-2015:2159
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2159
7
reference_url https://usn.ubuntu.com/2346-1/
reference_id USN-2346-1
reference_type
scores
url https://usn.ubuntu.com/2346-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.38.0
purl pkg:generic/curl.se/curl@7.38.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18p4-rvxz-pkeu
1
vulnerability VCID-1a1k-d4ez-ybdu
2
vulnerability VCID-1b5g-9trz-7ufb
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1y6d-7vfu-ybb3
7
vulnerability VCID-1zsv-4jdy-63en
8
vulnerability VCID-21ff-tazv-9ud3
9
vulnerability VCID-27bv-f11z-myak
10
vulnerability VCID-2u6v-6vm9-z3by
11
vulnerability VCID-39qh-jayw-g3dh
12
vulnerability VCID-3s4s-6c3v-7kgn
13
vulnerability VCID-3ws4-1sak-r3ck
14
vulnerability VCID-3xcn-bur1-tkdt
15
vulnerability VCID-4hha-2z31-2bf8
16
vulnerability VCID-4zcd-rbx3-qye5
17
vulnerability VCID-51ac-1jc2-vfed
18
vulnerability VCID-5sem-gndf-97e6
19
vulnerability VCID-5svr-3vv9-mqea
20
vulnerability VCID-5ujs-47hf-g7gj
21
vulnerability VCID-5xjw-u8ad-n3g5
22
vulnerability VCID-6745-tyba-33fa
23
vulnerability VCID-6fv7-7u2t-gfgb
24
vulnerability VCID-6rk4-vb5u-bkg6
25
vulnerability VCID-738z-myg9-37hr
26
vulnerability VCID-7jrx-ykk8-h3gp
27
vulnerability VCID-7wqd-99h2-e7hk
28
vulnerability VCID-7yvu-s3p2-sfhc
29
vulnerability VCID-8j6v-xbhy-7uc2
30
vulnerability VCID-a58z-fu87-9ybs
31
vulnerability VCID-a8z6-bswu-jue8
32
vulnerability VCID-am31-t2h3-zbgw
33
vulnerability VCID-av4f-gxku-qbhp
34
vulnerability VCID-azcz-b8f2-63be
35
vulnerability VCID-bb6v-z8yg-6fe3
36
vulnerability VCID-bcuq-n4vb-k7f3
37
vulnerability VCID-bx2m-n5ft-3be8
38
vulnerability VCID-cdar-9qhw-hke7
39
vulnerability VCID-cdzf-3ydt-8bdk
40
vulnerability VCID-dndt-tapy-23d2
41
vulnerability VCID-f276-amhj-9yfx
42
vulnerability VCID-f8vu-23bb-5ue7
43
vulnerability VCID-f922-jx9w-mbc5
44
vulnerability VCID-f9nm-d5ax-qkcb
45
vulnerability VCID-fhc8-r8gv-bugj
46
vulnerability VCID-g4n9-kg3s-pfcr
47
vulnerability VCID-g7ux-4vz2-ckfg
48
vulnerability VCID-gud1-yg9u-zyfp
49
vulnerability VCID-gueb-wzpx-ufb2
50
vulnerability VCID-h6xj-mys4-pucf
51
vulnerability VCID-hhms-2hg6-nke9
52
vulnerability VCID-j688-cyfg-p7gu
53
vulnerability VCID-jf17-h97b-6bak
54
vulnerability VCID-kkrm-dj79-4ucj
55
vulnerability VCID-kq38-7s5x-nqaz
56
vulnerability VCID-mh96-gkf1-9uek
57
vulnerability VCID-mq44-5pmp-2qhh
58
vulnerability VCID-msd2-35g9-nyd2
59
vulnerability VCID-naac-snjw-qbad
60
vulnerability VCID-p8vk-yf66-wbb7
61
vulnerability VCID-p97a-kjpp-f3d8
62
vulnerability VCID-p9v4-nweu-vydg
63
vulnerability VCID-q46r-7nct-s3bw
64
vulnerability VCID-q8ja-keyk-fyfb
65
vulnerability VCID-q8tg-prj1-y7b8
66
vulnerability VCID-qe9z-wuze-tucq
67
vulnerability VCID-qrnc-7ywu-37cz
68
vulnerability VCID-r2g9-c896-rkge
69
vulnerability VCID-rfdp-gsgs-eubq
70
vulnerability VCID-rt5e-saz2-j7c9
71
vulnerability VCID-s2gu-8jpq-mub9
72
vulnerability VCID-s6gu-gm97-fyfk
73
vulnerability VCID-secz-78pt-dben
74
vulnerability VCID-sesh-938m-x3f8
75
vulnerability VCID-snsg-c2up-b7cn
76
vulnerability VCID-sutv-qt2x-2yc7
77
vulnerability VCID-swmn-7ns9-ekg1
78
vulnerability VCID-tcxd-z7f3-kkes
79
vulnerability VCID-td39-d3tf-vkhc
80
vulnerability VCID-tn33-re3r-yfhw
81
vulnerability VCID-ugrr-z2zv-6qgp
82
vulnerability VCID-vfc1-yy11-bycp
83
vulnerability VCID-vpkr-9akj-hbf6
84
vulnerability VCID-w472-84ep-fkdx
85
vulnerability VCID-w8ff-vxga-8qcz
86
vulnerability VCID-xgj8-zrta-kub9
87
vulnerability VCID-xyze-msxs-1qem
88
vulnerability VCID-y44u-23he-aya8
89
vulnerability VCID-yjtj-ydsg-u7ca
90
vulnerability VCID-z8ex-47nd-47cm
91
vulnerability VCID-zg98-v6dj-s7gv
92
vulnerability VCID-zqyj-7rr3-fqew
93
vulnerability VCID-zv25-wupq-bqfk
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.38.0
aliases CVE-2014-3613
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uh5a-zcds-3bcc
17
url VCID-wdte-2hgu-rye3
vulnerability_id VCID-wdte-2hgu-rye3
summary FTP Server Response Buffer Overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2000-0973.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2000-0973.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2000-0973
reference_id
reference_type
scores
0
value 0.12231
scoring_system epss
scoring_elements 0.93978
published_at 2026-06-04T12:55:00Z
1
value 0.12231
scoring_system epss
scoring_elements 0.93986
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2000-0973
2
reference_url https://curl.se/docs/CVE-2000-0973.html
reference_id
reference_type
scores
0
value Critical
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2000-0973.html
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616532
reference_id 1616532
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616532
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/20292.pl
reference_id CVE-2000-0973;OSVDB-1612
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/20292.pl
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20293.pl
reference_id CVE-2000-0973;OSVDB-1612
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20293.pl
6
reference_url https://www.securityfocus.com/bid/1804/info
reference_id CVE-2000-0973;OSVDB-1612
reference_type exploit
scores
url https://www.securityfocus.com/bid/1804/info
fixed_packages
0
url pkg:generic/curl.se/curl@7.4.1
purl pkg:generic/curl.se/curl@7.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1k-d4ez-ybdu
1
vulnerability VCID-1b5g-9trz-7ufb
2
vulnerability VCID-5xjw-u8ad-n3g5
3
vulnerability VCID-6fv7-7u2t-gfgb
4
vulnerability VCID-738z-myg9-37hr
5
vulnerability VCID-av4f-gxku-qbhp
6
vulnerability VCID-dndt-tapy-23d2
7
vulnerability VCID-f276-amhj-9yfx
8
vulnerability VCID-f922-jx9w-mbc5
9
vulnerability VCID-fhc8-r8gv-bugj
10
vulnerability VCID-g72q-eedp-aufb
11
vulnerability VCID-kkrm-dj79-4ucj
12
vulnerability VCID-msd2-35g9-nyd2
13
vulnerability VCID-nnv5-72sv-afbb
14
vulnerability VCID-q2kb-mjg4-uba1
15
vulnerability VCID-q2wq-jd4k-8kdr
16
vulnerability VCID-rt5e-saz2-j7c9
17
vulnerability VCID-sesh-938m-x3f8
18
vulnerability VCID-uh5a-zcds-3bcc
19
vulnerability VCID-vfc1-yy11-bycp
20
vulnerability VCID-y8yr-dfz4-67fp
21
vulnerability VCID-zqyj-7rr3-fqew
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.4.1
aliases CVE-2000-0973
risk_score 10.0
exploitability 2.0
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wdte-2hgu-rye3
18
url VCID-y8yr-dfz4-67fp
vulnerability_id VCID-y8yr-dfz4-67fp
summary The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0037
reference_id
reference_type
scores
0
value 0.09919
scoring_system epss
scoring_elements 0.93158
published_at 2026-06-04T12:55:00Z
1
value 0.09919
scoring_system epss
scoring_elements 0.93169
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0037
2
reference_url https://curl.se/docs/CVE-2009-0037.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2009-0037.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=485271
reference_id 485271
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=485271
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423
reference_id 518423
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt
reference_id CVE-2009-0037;OSVDB-53572
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt
7
reference_url https://www.securityfocus.com/bid/33962/info
reference_id CVE-2009-0037;OSVDB-53572
reference_type exploit
scores
url https://www.securityfocus.com/bid/33962/info
8
reference_url https://security.gentoo.org/glsa/200903-21
reference_id GLSA-200903-21
reference_type
scores
url https://security.gentoo.org/glsa/200903-21
9
reference_url https://access.redhat.com/errata/RHSA-2009:0341
reference_id RHSA-2009:0341
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0341
10
reference_url https://usn.ubuntu.com/726-1/
reference_id USN-726-1
reference_type
scores
url https://usn.ubuntu.com/726-1/
fixed_packages
0
url pkg:generic/curl.se/curl@7.19.4
purl pkg:generic/curl.se/curl@7.19.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1k-d4ez-ybdu
1
vulnerability VCID-1b5g-9trz-7ufb
2
vulnerability VCID-1dw3-33ju-jkbs
3
vulnerability VCID-1kpz-55f1-f7dj
4
vulnerability VCID-2u6v-6vm9-z3by
5
vulnerability VCID-39qh-jayw-g3dh
6
vulnerability VCID-4zcd-rbx3-qye5
7
vulnerability VCID-5svr-3vv9-mqea
8
vulnerability VCID-5xjw-u8ad-n3g5
9
vulnerability VCID-64mt-9155-tkbv
10
vulnerability VCID-6fv7-7u2t-gfgb
11
vulnerability VCID-6rk4-vb5u-bkg6
12
vulnerability VCID-738z-myg9-37hr
13
vulnerability VCID-7wqd-99h2-e7hk
14
vulnerability VCID-8j6v-xbhy-7uc2
15
vulnerability VCID-a58z-fu87-9ybs
16
vulnerability VCID-a8z6-bswu-jue8
17
vulnerability VCID-am31-t2h3-zbgw
18
vulnerability VCID-av4f-gxku-qbhp
19
vulnerability VCID-azcz-b8f2-63be
20
vulnerability VCID-bcuq-n4vb-k7f3
21
vulnerability VCID-bx2m-n5ft-3be8
22
vulnerability VCID-cdar-9qhw-hke7
23
vulnerability VCID-cdzf-3ydt-8bdk
24
vulnerability VCID-dndt-tapy-23d2
25
vulnerability VCID-e4qf-7gqs-qyg3
26
vulnerability VCID-f276-amhj-9yfx
27
vulnerability VCID-f922-jx9w-mbc5
28
vulnerability VCID-f9nm-d5ax-qkcb
29
vulnerability VCID-fhc8-r8gv-bugj
30
vulnerability VCID-g4n9-kg3s-pfcr
31
vulnerability VCID-g72q-eedp-aufb
32
vulnerability VCID-g7ux-4vz2-ckfg
33
vulnerability VCID-gueb-wzpx-ufb2
34
vulnerability VCID-hhu3-dp3m-gbgm
35
vulnerability VCID-kkrm-dj79-4ucj
36
vulnerability VCID-msd2-35g9-nyd2
37
vulnerability VCID-naac-snjw-qbad
38
vulnerability VCID-nkmd-xb13-mbg9
39
vulnerability VCID-p97a-kjpp-f3d8
40
vulnerability VCID-p9v4-nweu-vydg
41
vulnerability VCID-q2kb-mjg4-uba1
42
vulnerability VCID-q8ja-keyk-fyfb
43
vulnerability VCID-q9ht-ra39-kuef
44
vulnerability VCID-qe9z-wuze-tucq
45
vulnerability VCID-r2g9-c896-rkge
46
vulnerability VCID-rfdp-gsgs-eubq
47
vulnerability VCID-rt5e-saz2-j7c9
48
vulnerability VCID-s2gu-8jpq-mub9
49
vulnerability VCID-secz-78pt-dben
50
vulnerability VCID-sesh-938m-x3f8
51
vulnerability VCID-snsg-c2up-b7cn
52
vulnerability VCID-sutv-qt2x-2yc7
53
vulnerability VCID-tcxd-z7f3-kkes
54
vulnerability VCID-td39-d3tf-vkhc
55
vulnerability VCID-tn33-re3r-yfhw
56
vulnerability VCID-tyqp-e8cp-dbbm
57
vulnerability VCID-uh5a-zcds-3bcc
58
vulnerability VCID-vfc1-yy11-bycp
59
vulnerability VCID-vnqb-6t3e-rudt
60
vulnerability VCID-vpkr-9akj-hbf6
61
vulnerability VCID-w472-84ep-fkdx
62
vulnerability VCID-wc29-pw8g-mkgj
63
vulnerability VCID-xgj8-zrta-kub9
64
vulnerability VCID-xyze-msxs-1qem
65
vulnerability VCID-y44u-23he-aya8
66
vulnerability VCID-zg98-v6dj-s7gv
67
vulnerability VCID-zqyj-7rr3-fqew
68
vulnerability VCID-zv25-wupq-bqfk
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.19.4
aliases CVE-2009-0037
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8yr-dfz4-67fp
19
url VCID-zqyj-7rr3-fqew
vulnerability_id VCID-zqyj-7rr3-fqew
summary The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json
reference_id
reference_type
scores
0
value 2.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7407
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.4215
published_at 2026-06-05T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.42076
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7407
2
reference_url https://curl.se/docs/CVE-2017-7407.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2017-7407.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:P/I:N/A:N
1
value 2.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1439190
reference_id 1439190
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1439190
6
reference_url https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13
reference_id 1890d59905414ab84a35892b2e45833654aa5c13
reference_type
scores
0
value 2.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/
url https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500
reference_id 859500
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500
8
reference_url https://security.gentoo.org/glsa/201709-14
reference_id GLSA-201709-14
reference_type
scores
0
value 2.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/
url https://security.gentoo.org/glsa/201709-14
9
reference_url https://usn.ubuntu.com/3441-1/
reference_id USN-3441-1
reference_type
scores
url https://usn.ubuntu.com/3441-1/
10
reference_url https://usn.ubuntu.com/3441-2/
reference_id USN-3441-2
reference_type
scores
url https://usn.ubuntu.com/3441-2/
fixed_packages
0
url pkg:generic/curl.se/curl@7.54.0
purl pkg:generic/curl.se/curl@7.54.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15sy-wmte-h3ae
1
vulnerability VCID-18p4-rvxz-pkeu
2
vulnerability VCID-1a1k-d4ez-ybdu
3
vulnerability VCID-1dw3-33ju-jkbs
4
vulnerability VCID-1kpz-55f1-f7dj
5
vulnerability VCID-1m1w-rayk-sffe
6
vulnerability VCID-1zsv-4jdy-63en
7
vulnerability VCID-21ff-tazv-9ud3
8
vulnerability VCID-27bv-f11z-myak
9
vulnerability VCID-39qh-jayw-g3dh
10
vulnerability VCID-3ws4-1sak-r3ck
11
vulnerability VCID-4hha-2z31-2bf8
12
vulnerability VCID-4zcd-rbx3-qye5
13
vulnerability VCID-58p5-pfy3-xug1
14
vulnerability VCID-5svr-3vv9-mqea
15
vulnerability VCID-5ujs-47hf-g7gj
16
vulnerability VCID-5un8-xymy-37bt
17
vulnerability VCID-6745-tyba-33fa
18
vulnerability VCID-738z-myg9-37hr
19
vulnerability VCID-7jrx-ykk8-h3gp
20
vulnerability VCID-7wqd-99h2-e7hk
21
vulnerability VCID-7yvu-s3p2-sfhc
22
vulnerability VCID-a58z-fu87-9ybs
23
vulnerability VCID-a8z6-bswu-jue8
24
vulnerability VCID-am31-t2h3-zbgw
25
vulnerability VCID-azcz-b8f2-63be
26
vulnerability VCID-bb6v-z8yg-6fe3
27
vulnerability VCID-bcuq-n4vb-k7f3
28
vulnerability VCID-bx2m-n5ft-3be8
29
vulnerability VCID-cdzf-3ydt-8bdk
30
vulnerability VCID-f7n8-zzhz-fuc8
31
vulnerability VCID-f8vu-23bb-5ue7
32
vulnerability VCID-f9nm-d5ax-qkcb
33
vulnerability VCID-fhc8-r8gv-bugj
34
vulnerability VCID-g4n9-kg3s-pfcr
35
vulnerability VCID-g7ux-4vz2-ckfg
36
vulnerability VCID-gud1-yg9u-zyfp
37
vulnerability VCID-gueb-wzpx-ufb2
38
vulnerability VCID-h6xj-mys4-pucf
39
vulnerability VCID-hhms-2hg6-nke9
40
vulnerability VCID-j688-cyfg-p7gu
41
vulnerability VCID-jnq1-hk6d-b3a3
42
vulnerability VCID-kkrm-dj79-4ucj
43
vulnerability VCID-kq38-7s5x-nqaz
44
vulnerability VCID-mh96-gkf1-9uek
45
vulnerability VCID-msd2-35g9-nyd2
46
vulnerability VCID-naac-snjw-qbad
47
vulnerability VCID-p8vk-yf66-wbb7
48
vulnerability VCID-p97a-kjpp-f3d8
49
vulnerability VCID-q46r-7nct-s3bw
50
vulnerability VCID-q8tg-prj1-y7b8
51
vulnerability VCID-qrnc-7ywu-37cz
52
vulnerability VCID-r2g9-c896-rkge
53
vulnerability VCID-raxd-4nxj-gkhp
54
vulnerability VCID-rt5e-saz2-j7c9
55
vulnerability VCID-secz-78pt-dben
56
vulnerability VCID-sutv-qt2x-2yc7
57
vulnerability VCID-swmn-7ns9-ekg1
58
vulnerability VCID-tcxd-z7f3-kkes
59
vulnerability VCID-td39-d3tf-vkhc
60
vulnerability VCID-tn33-re3r-yfhw
61
vulnerability VCID-uj78-2cgz-zbdb
62
vulnerability VCID-vpkr-9akj-hbf6
63
vulnerability VCID-w472-84ep-fkdx
64
vulnerability VCID-w8ff-vxga-8qcz
65
vulnerability VCID-wmam-qmmg-6uay
66
vulnerability VCID-xgj8-zrta-kub9
67
vulnerability VCID-y41p-tgpa-m7cs
68
vulnerability VCID-y44u-23he-aya8
69
vulnerability VCID-yjtj-ydsg-u7ca
70
vulnerability VCID-zg98-v6dj-s7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.54.0
aliases CVE-2017-7407
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zqyj-7rr3-fqew
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.1.1