Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/138232?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/138232?format=api", "purl": "pkg:generic/curl.se/curl@7.4.1", "type": "generic", "namespace": "curl.se", "name": "curl", "version": "7.4.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8.20.0", "latest_non_vulnerable_version": "8.20.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65692?format=api", "vulnerability_id": "VCID-1a1k-d4ez-ybdu", "summary": "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52551", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252" }, { "reference_url": "https://curl.se/docs/CVE-2022-35252.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-35252.html" }, { "reference_url": "https://hackerone.com/reports/1613943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1613943" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831", "reference_id": "1018831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718", "reference_id": "2120718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2478", "reference_id": "RHSA-2023:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2963", "reference_id": "RHSA-2023:2963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137945?format=api", "purl": "pkg:generic/curl.se/curl@7.85.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-287k-bzqy-n7ag" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3p2z-61gq-muhs" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6en5-etsd-2bce" }, { "vulnerability": "VCID-6ggz-pa5t-77c4" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-85qb-zec7-subc" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-cfry-nx5h-kudv" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fcb7-8163-muf4" }, { "vulnerability": "VCID-ffmg-djmk-57hn" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h4nw-va5b-23ef" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-k3nv-gf9b-5ua2" }, { "vulnerability": "VCID-k5vr-1fmp-sqbw" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mpuf-pp6z-q3d6" }, { "vulnerability": "VCID-ns58-vmsz-5ued" }, { "vulnerability": "VCID-nwvb-d466-4uaa" }, { "vulnerability": "VCID-p155-gbtu-abg1" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-razg-yr7y-ukgd" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-u1p8-s8vm-3yer" }, { "vulnerability": "VCID-v82t-s9e1-2fbw" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wgur-psum-pbck" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0" } ], "aliases": [ "CVE-2022-35252" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1a1k-d4ez-ybdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65666?format=api", "vulnerability_id": "VCID-1b5g-9trz-7ufb", "summary": "curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01009", "scoring_system": "epss", "scoring_elements": "0.7743", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586" }, { "reference_url": "https://curl.se/docs/CVE-2016-9586.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9586.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712", "reference_id": "1406712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958", "reference_id": "848958", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958" }, { "reference_url": "https://security.archlinux.org/ASA-201612-22", "reference_id": "ASA-201612-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-22" }, { "reference_url": "https://security.archlinux.org/ASA-201701-10", "reference_id": "ASA-201701-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-10" }, { "reference_url": "https://security.archlinux.org/ASA-201701-11", "reference_id": "ASA-201701-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-11" }, { "reference_url": "https://security.archlinux.org/ASA-201701-7", "reference_id": "ASA-201701-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-7" }, { "reference_url": "https://security.archlinux.org/ASA-201701-8", "reference_id": "ASA-201701-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-8" }, { "reference_url": "https://security.archlinux.org/ASA-201701-9", "reference_id": "ASA-201701-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-9" }, { "reference_url": "https://security.archlinux.org/AVG-112", "reference_id": "AVG-112", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-112" }, { "reference_url": "https://security.archlinux.org/AVG-113", "reference_id": "AVG-113", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-113" }, { "reference_url": "https://security.archlinux.org/AVG-114", "reference_id": "AVG-114", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-114" }, { "reference_url": "https://security.archlinux.org/AVG-115", "reference_id": "AVG-115", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-115" }, { "reference_url": "https://security.archlinux.org/AVG-116", "reference_id": "AVG-116", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-116" }, { "reference_url": "https://security.archlinux.org/AVG-117", "reference_id": "AVG-117", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-117" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137890?format=api", "purl": "pkg:generic/curl.se/curl@7.52.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-53st-1j3z-h7by" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-k79t-tesa-jfck" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-raxd-4nxj-gkhp" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-uj78-2cgz-zbdb" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w63e-dku9-mqe9" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0" } ], "aliases": [ "CVE-2016-9586" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1b5g-9trz-7ufb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6747?format=api", "vulnerability_id": "VCID-5xjw-u8ad-n3g5", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04293", "scoring_system": "epss", "scoring_elements": "0.89048", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615" }, { "reference_url": "https://curl.se/docs/CVE-2016-8615.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8615.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370", "reference_id": "1388370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137889?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-raxd-4nxj-gkhp" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8615" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xjw-u8ad-n3g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65656?format=api", "vulnerability_id": "VCID-6fv7-7u2t-gfgb", "summary": "cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57772", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754" }, { "reference_url": "https://curl.se/docs/CVE-2016-0754.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-0754.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137879?format=api", "purl": "pkg:generic/curl.se/curl@7.47.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1y6d-7vfu-ybb3" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3s4s-6c3v-7kgn" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-51ac-1jc2-vfed" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-mq44-5pmp-2qhh" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-ugrr-z2zv-6qgp" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.47.0" } ], "aliases": [ "CVE-2016-0754" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fv7-7u2t-gfgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6859?format=api", "vulnerability_id": "VCID-738z-myg9-37hr", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54842", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774" }, { "reference_url": "https://curl.se/docs/CVE-2022-27774.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27774.html" }, { "reference_url": "https://hackerone.com/reports/1543773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1543773" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254", "reference_id": "1010254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547", "reference_id": "2077547", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137941?format=api", "purl": "pkg:generic/curl.se/curl@7.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-287k-bzqy-n7ag" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3p2z-61gq-muhs" }, { "vulnerability": "VCID-5m9y-9y57-kqg6" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6en5-etsd-2bce" }, { "vulnerability": "VCID-6ggz-pa5t-77c4" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7z3h-9pk3-rqct" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-cfry-nx5h-kudv" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fcb7-8163-muf4" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h4nw-va5b-23ef" }, { "vulnerability": "VCID-hb4z-s871-d7ck" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-k5vr-1fmp-sqbw" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mqzd-mcw5-s3h6" }, { "vulnerability": "VCID-mray-vkqx-5ka7" }, { "vulnerability": "VCID-ns58-vmsz-5ued" }, { "vulnerability": "VCID-nwvb-d466-4uaa" }, { "vulnerability": "VCID-p155-gbtu-abg1" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-razg-yr7y-ukgd" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-tzs5-qzhn-rqbk" }, { "vulnerability": "VCID-u1p8-s8vm-3yer" }, { "vulnerability": "VCID-v82t-s9e1-2fbw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wbwx-5vg3-uqcd" }, { "vulnerability": "VCID-wgur-psum-pbck" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0" } ], "aliases": [ "CVE-2022-27774" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-738z-myg9-37hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6740?format=api", "vulnerability_id": "VCID-av4f-gxku-qbhp", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.80514", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624" }, { "reference_url": "https://curl.se/docs/CVE-2016-8624.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8624.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390", "reference_id": "1388390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137889?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-raxd-4nxj-gkhp" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8624" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-av4f-gxku-qbhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65661?format=api", "vulnerability_id": "VCID-dndt-tapy-23d2", "summary": "curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83631", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419" }, { "reference_url": "https://curl.se/docs/CVE-2016-5419.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5419.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183", "reference_id": "1362183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137886?format=api", "purl": "pkg:generic/curl.se/curl@7.50.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1y6d-7vfu-ybb3" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-51ac-1jc2-vfed" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-raxd-4nxj-gkhp" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-ugrr-z2zv-6qgp" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.1" } ], "aliases": [ "CVE-2016-5419" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dndt-tapy-23d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65653?format=api", "vulnerability_id": "VCID-f276-amhj-9yfx", "summary": "The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08372", "scoring_system": "epss", "scoring_elements": "0.92451", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153" }, { "reference_url": "https://curl.se/docs/CVE-2015-3153.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3153.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341", "reference_id": "1217341", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137874?format=api", "purl": "pkg:generic/curl.se/curl@7.42.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1y6d-7vfu-ybb3" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3s4s-6c3v-7kgn" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-51ac-1jc2-vfed" }, { "vulnerability": "VCID-5m1h-d3cm-dqfu" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-9rvz-5w86-u7e5" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-mq44-5pmp-2qhh" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-ugrr-z2zv-6qgp" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.42.1" } ], "aliases": [ "CVE-2015-3153" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f276-amhj-9yfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65647?format=api", "vulnerability_id": "VCID-f922-jx9w-mbc5", "summary": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.79462", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8150" }, { "reference_url": "https://curl.se/docs/CVE-2014-8150.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-8150.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692", "reference_id": "1178692", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137871?format=api", "purl": "pkg:generic/curl.se/curl@7.40.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1y6d-7vfu-ybb3" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3s4s-6c3v-7kgn" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-51ac-1jc2-vfed" }, { "vulnerability": "VCID-5m1h-d3cm-dqfu" }, { "vulnerability": "VCID-5sem-gndf-97e6" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-8j6v-xbhy-7uc2" }, { "vulnerability": "VCID-9rvz-5w86-u7e5" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-mq44-5pmp-2qhh" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-p9v4-nweu-vydg" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-s6gu-gm97-fyfk" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-ugrr-z2zv-6qgp" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.40.0" } ], "aliases": [ "CVE-2014-8150" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f922-jx9w-mbc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5600?format=api", "vulnerability_id": "VCID-fhc8-r8gv-bugj", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29799", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://hackerone.com/reports/1101882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1101882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964", "reference_id": "1941964", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269", "reference_id": "986269", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269" }, { "reference_url": "https://security.archlinux.org/AVG-1753", "reference_id": "AVG-1753", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1753" }, { "reference_url": "https://security.archlinux.org/AVG-1754", "reference_id": "AVG-1754", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1754" }, { "reference_url": "https://security.archlinux.org/AVG-1755", "reference_id": "AVG-1755", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1755" }, { "reference_url": "https://security.archlinux.org/AVG-1756", "reference_id": "AVG-1756", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1756" }, { "reference_url": "https://security.archlinux.org/AVG-1757", "reference_id": "AVG-1757", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1757" }, { "reference_url": "https://security.archlinux.org/AVG-1758", "reference_id": "AVG-1758", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1758" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876", "reference_id": "CVE-2021-22876", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876" }, { "reference_url": "https://curl.se/docs/CVE-2021-22876.html", "reference_id": "CVE-2021-22876.HTML", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137931?format=api", "purl": "pkg:generic/curl.se/curl@7.76.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3p2z-61gq-muhs" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6ggz-pa5t-77c4" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-7z3h-9pk3-rqct" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-byzw-xw9s-pkga" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-cfry-nx5h-kudv" }, { "vulnerability": "VCID-cjyz-fdnv-b3g4" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fcb7-8163-muf4" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-p155-gbtu-abg1" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-razg-yr7y-ukgd" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tzs5-qzhn-rqbk" }, { "vulnerability": "VCID-u1p8-s8vm-3yer" }, { "vulnerability": "VCID-urgp-rqyc-sqer" }, { "vulnerability": "VCID-v82t-s9e1-2fbw" }, { "vulnerability": "VCID-vgap-k5zw-9qbn" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wbwx-5vg3-uqcd" }, { "vulnerability": "VCID-wgur-psum-pbck" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.76.0" } ], "aliases": [ "CVE-2021-22876" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhc8-r8gv-bugj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65635?format=api", "vulnerability_id": "VCID-g72q-eedp-aufb", "summary": "The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02482", "scoring_system": "epss", "scoring_elements": "0.85568", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1944" }, { "reference_url": "https://curl.se/docs/CVE-2013-1944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-1944.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274", "reference_id": "705274", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=950577", "reference_id": "950577", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=950577" }, { "reference_url": "https://security.gentoo.org/glsa/201401-14", "reference_id": "GLSA-201401-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0771", "reference_id": "RHSA-2013:0771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0771" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137858?format=api", "purl": "pkg:generic/curl.se/curl@7.30.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-2u6v-6vm9-z3by" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3s4s-6c3v-7kgn" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-51ac-1jc2-vfed" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-8j6v-xbhy-7uc2" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-cmcn-f8ws-q3h2" }, { "vulnerability": "VCID-cxy6-vzz9-w3ff" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-e4qf-7gqs-qyg3" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f922-jx9w-mbc5" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhu3-dp3m-gbgm" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-nkmd-xb13-mbg9" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-p9v4-nweu-vydg" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-q9ht-ra39-kuef" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-tyqp-e8cp-dbbm" }, { "vulnerability": "VCID-ugrr-z2zv-6qgp" }, { "vulnerability": "VCID-uh5a-zcds-3bcc" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xsnb-eujr-y7bz" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.30.0" } ], "aliases": [ "CVE-2013-1944" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g72q-eedp-aufb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6857?format=api", "vulnerability_id": "VCID-kkrm-dj79-4ucj", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.72016", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776" }, { "reference_url": "https://curl.se/docs/CVE-2022-27776.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27776.html" }, { "reference_url": "https://hackerone.com/reports/1547048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1547048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252", "reference_id": "1010252", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408", "reference_id": "2078408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137941?format=api", "purl": "pkg:generic/curl.se/curl@7.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-287k-bzqy-n7ag" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3p2z-61gq-muhs" }, { "vulnerability": "VCID-5m9y-9y57-kqg6" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6en5-etsd-2bce" }, { "vulnerability": "VCID-6ggz-pa5t-77c4" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7z3h-9pk3-rqct" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-cfry-nx5h-kudv" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fcb7-8163-muf4" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h4nw-va5b-23ef" }, { "vulnerability": "VCID-hb4z-s871-d7ck" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-k5vr-1fmp-sqbw" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mqzd-mcw5-s3h6" }, { "vulnerability": "VCID-mray-vkqx-5ka7" }, { "vulnerability": "VCID-ns58-vmsz-5ued" }, { "vulnerability": "VCID-nwvb-d466-4uaa" }, { "vulnerability": "VCID-p155-gbtu-abg1" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-razg-yr7y-ukgd" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-tzs5-qzhn-rqbk" }, { "vulnerability": "VCID-u1p8-s8vm-3yer" }, { "vulnerability": "VCID-v82t-s9e1-2fbw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wbwx-5vg3-uqcd" }, { "vulnerability": "VCID-wgur-psum-pbck" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0" } ], "aliases": [ "CVE-2022-27776" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkrm-dj79-4ucj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65689?format=api", "vulnerability_id": "VCID-msd2-35g9-nyd2", "summary": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24269", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284" }, { "reference_url": "https://curl.se/docs/CVE-2020-8284.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "reference_url": "https://hackerone.com/reports/1040166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1040166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667", "reference_id": "1902667", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163", "reference_id": "977163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137929?format=api", "purl": "pkg:generic/curl.se/curl@7.74.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6ggz-pa5t-77c4" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-7z3h-9pk3-rqct" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-byzw-xw9s-pkga" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-cfry-nx5h-kudv" }, { "vulnerability": "VCID-cjyz-fdnv-b3g4" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fcb7-8163-muf4" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kn6z-caj8-bbc9" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-p155-gbtu-abg1" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-razg-yr7y-ukgd" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tzs5-qzhn-rqbk" }, { "vulnerability": "VCID-urgp-rqyc-sqer" }, { "vulnerability": "VCID-v82t-s9e1-2fbw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wbwx-5vg3-uqcd" }, { "vulnerability": "VCID-wgur-psum-pbck" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0" } ], "aliases": [ "CVE-2020-8284" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-msd2-35g9-nyd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65623?format=api", "vulnerability_id": "VCID-nnv5-72sv-afbb", "summary": "Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0490.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02576", "scoring_system": "epss", "scoring_elements": "0.85834", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0490" }, { "reference_url": "https://curl.se/docs/CVE-2005-0490.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2005-0490.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617532", "reference_id": "1617532", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:340", "reference_id": "RHSA-2005:340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:340" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137808?format=api", "purl": "pkg:generic/curl.se/curl@7.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-64mt-9155-tkbv" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-8j6v-xbhy-7uc2" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-e4qf-7gqs-qyg3" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f922-jx9w-mbc5" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g72q-eedp-aufb" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-hhu3-dp3m-gbgm" }, { "vulnerability": "VCID-jwmh-kyed-1uca" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p178-tq2e-4ya4" }, { "vulnerability": "VCID-p9v4-nweu-vydg" }, { "vulnerability": "VCID-q2kb-mjg4-uba1" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q9ht-ra39-kuef" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-tyqp-e8cp-dbbm" }, { "vulnerability": "VCID-uh5a-zcds-3bcc" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vnqb-6t3e-rudt" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-wc29-pw8g-mkgj" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-y8yr-dfz4-67fp" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.13.1" } ], "aliases": [ "CVE-2005-0490" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnv5-72sv-afbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65629?format=api", "vulnerability_id": "VCID-q2kb-mjg4-uba1", "summary": "lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2417.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0733", "scoring_system": "epss", "scoring_elements": "0.91834", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2417" }, { "reference_url": "https://curl.se/docs/CVE-2009-2417.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2009-2417.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516181", "reference_id": "516181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516181" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541991", "reference_id": "541991", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541991" }, { "reference_url": "https://security.gentoo.org/glsa/200909-20", "reference_id": "GLSA-200909-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1209", "reference_id": "RHSA-2009:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1209" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137834?format=api", "purl": "pkg:generic/curl.se/curl@7.19.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-2u6v-6vm9-z3by" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-64mt-9155-tkbv" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-8j6v-xbhy-7uc2" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-e4qf-7gqs-qyg3" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f922-jx9w-mbc5" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g72q-eedp-aufb" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-hhu3-dp3m-gbgm" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-nkmd-xb13-mbg9" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-p9v4-nweu-vydg" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q9ht-ra39-kuef" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-tyqp-e8cp-dbbm" }, { "vulnerability": "VCID-ugrr-z2zv-6qgp" }, { "vulnerability": "VCID-uh5a-zcds-3bcc" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vnqb-6t3e-rudt" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-wc29-pw8g-mkgj" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.19.6" } ], "aliases": [ "CVE-2009-2417" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2kb-mjg4-uba1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65622?format=api", "vulnerability_id": "VCID-q2wq-jd4k-8kdr", "summary": "curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59711", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1605" }, { "reference_url": "https://curl.se/docs/CVE-2003-1605.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2003-1605.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137988?format=api", "purl": "pkg:generic/curl.se/curl@7.10.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-64mt-9155-tkbv" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-8j6v-xbhy-7uc2" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-e4qf-7gqs-qyg3" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f922-jx9w-mbc5" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g72q-eedp-aufb" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-hhu3-dp3m-gbgm" }, { "vulnerability": "VCID-jwmh-kyed-1uca" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-nnv5-72sv-afbb" }, { "vulnerability": "VCID-p9v4-nweu-vydg" }, { "vulnerability": "VCID-q2kb-mjg4-uba1" }, { "vulnerability": "VCID-q9ht-ra39-kuef" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tyqp-e8cp-dbbm" }, { "vulnerability": "VCID-uh5a-zcds-3bcc" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vnqb-6t3e-rudt" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-wc29-pw8g-mkgj" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-y8yr-dfz4-67fp" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.10.7" } ], "aliases": [ "CVE-2003-1605" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2wq-jd4k-8kdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65681?format=api", "vulnerability_id": "VCID-rt5e-saz2-j7c9", "summary": "libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03854", "scoring_system": "epss", "scoring_elements": "0.88416", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000007.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", "reference_id": "1537125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125" }, { "reference_url": "https://security.archlinux.org/ASA-201801-20", "reference_id": "ASA-201801-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-20" }, { "reference_url": "https://security.archlinux.org/ASA-201801-22", "reference_id": "ASA-201801-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-22" }, { "reference_url": "https://security.archlinux.org/ASA-201801-23", "reference_id": "ASA-201801-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-23" }, { "reference_url": "https://security.archlinux.org/ASA-201801-24", "reference_id": "ASA-201801-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-24" }, { "reference_url": "https://security.archlinux.org/ASA-201801-25", "reference_id": "ASA-201801-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-25" }, { "reference_url": "https://security.archlinux.org/ASA-201801-26", "reference_id": "ASA-201801-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-26" }, { "reference_url": "https://security.archlinux.org/AVG-593", "reference_id": "AVG-593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-593" }, { "reference_url": "https://security.archlinux.org/AVG-594", "reference_id": "AVG-594", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-594" }, { "reference_url": "https://security.archlinux.org/AVG-595", "reference_id": "AVG-595", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-595" }, { "reference_url": "https://security.archlinux.org/AVG-596", "reference_id": "AVG-596", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-596" }, { "reference_url": "https://security.archlinux.org/AVG-597", "reference_id": "AVG-597", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-597" }, { "reference_url": "https://security.archlinux.org/AVG-598", "reference_id": "AVG-598", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-598" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137903?format=api", "purl": "pkg:generic/curl.se/curl@7.58.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-cfry-nx5h-kudv" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fcb7-8163-muf4" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kae8-wmf2-2kf1" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-p7mn-a632-c3ag" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-uj78-2cgz-zbdb" }, { "vulnerability": "VCID-v82t-s9e1-2fbw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wbwx-5vg3-uqcd" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0" } ], "aliases": [ "CVE-2018-1000007" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rt5e-saz2-j7c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6744?format=api", "vulnerability_id": "VCID-sesh-938m-x3f8", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01811", "scoring_system": "epss", "scoring_elements": "0.83176", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618" }, { "reference_url": "https://curl.se/docs/CVE-2016-8618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8618.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378", "reference_id": "1388378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137889?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-raxd-4nxj-gkhp" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8618" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sesh-938m-x3f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65644?format=api", "vulnerability_id": "VCID-uh5a-zcds-3bcc", "summary": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0182", "scoring_system": "epss", "scoring_elements": "0.83211", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3613" }, { "reference_url": "https://curl.se/docs/CVE-2014-3613.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-3613.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154", "reference_id": "1136154", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137868?format=api", "purl": "pkg:generic/curl.se/curl@7.38.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1y6d-7vfu-ybb3" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-2u6v-6vm9-z3by" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3s4s-6c3v-7kgn" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-3xcn-bur1-tkdt" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-51ac-1jc2-vfed" }, { "vulnerability": "VCID-5sem-gndf-97e6" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-8j6v-xbhy-7uc2" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f922-jx9w-mbc5" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-mq44-5pmp-2qhh" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-p9v4-nweu-vydg" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-s6gu-gm97-fyfk" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-ugrr-z2zv-6qgp" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.38.0" } ], "aliases": [ "CVE-2014-3613" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uh5a-zcds-3bcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6743?format=api", "vulnerability_id": "VCID-vfc1-yy11-bycp", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03314", "scoring_system": "epss", "scoring_elements": "0.87485", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619" }, { "reference_url": "https://curl.se/docs/CVE-2016-8619.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8619.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379", "reference_id": "1388379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137889?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jf17-h97b-6bak" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-raxd-4nxj-gkhp" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-z8ex-47nd-47cm" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8619" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfc1-yy11-bycp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65628?format=api", "vulnerability_id": "VCID-y8yr-dfz4-67fp", "summary": "The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09919", "scoring_system": "epss", "scoring_elements": "0.93158", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0037" }, { "reference_url": "https://curl.se/docs/CVE-2009-0037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2009-0037.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=485271", "reference_id": "485271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485271" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423", "reference_id": "518423", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt", "reference_id": "CVE-2009-0037;OSVDB-53572", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt" }, { "reference_url": "https://www.securityfocus.com/bid/33962/info", "reference_id": "CVE-2009-0037;OSVDB-53572", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/33962/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0341", "reference_id": "RHSA-2009:0341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0341" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137832?format=api", "purl": "pkg:generic/curl.se/curl@7.19.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-2u6v-6vm9-z3by" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-64mt-9155-tkbv" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-6rk4-vb5u-bkg6" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-8j6v-xbhy-7uc2" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdar-9qhw-hke7" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-e4qf-7gqs-qyg3" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f922-jx9w-mbc5" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g72q-eedp-aufb" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-hhu3-dp3m-gbgm" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-nkmd-xb13-mbg9" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-p9v4-nweu-vydg" }, { "vulnerability": "VCID-q2kb-mjg4-uba1" }, { "vulnerability": "VCID-q8ja-keyk-fyfb" }, { "vulnerability": "VCID-q9ht-ra39-kuef" }, { "vulnerability": "VCID-qe9z-wuze-tucq" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-rfdp-gsgs-eubq" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-s2gu-8jpq-mub9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-snsg-c2up-b7cn" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-tyqp-e8cp-dbbm" }, { "vulnerability": "VCID-uh5a-zcds-3bcc" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-vnqb-6t3e-rudt" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-wc29-pw8g-mkgj" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-xyze-msxs-1qem" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" }, { "vulnerability": "VCID-zv25-wupq-bqfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.19.4" } ], "aliases": [ "CVE-2009-0037" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8yr-dfz4-67fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65677?format=api", "vulnerability_id": "VCID-zqyj-7rr3-fqew", "summary": "The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42076", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407" }, { "reference_url": "https://curl.se/docs/CVE-2017-7407.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-7407.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190", "reference_id": "1439190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500", "reference_id": "859500", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137895?format=api", "purl": "pkg:generic/curl.se/curl@7.54.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15sy-wmte-h3ae" }, { "vulnerability": "VCID-18p4-rvxz-pkeu" }, { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1dw3-33ju-jkbs" }, { "vulnerability": "VCID-1kpz-55f1-f7dj" }, { "vulnerability": "VCID-1m1w-rayk-sffe" }, { "vulnerability": "VCID-1zsv-4jdy-63en" }, { "vulnerability": "VCID-21ff-tazv-9ud3" }, { "vulnerability": "VCID-27bv-f11z-myak" }, { "vulnerability": "VCID-39qh-jayw-g3dh" }, { "vulnerability": "VCID-3ws4-1sak-r3ck" }, { "vulnerability": "VCID-4hha-2z31-2bf8" }, { "vulnerability": "VCID-4zcd-rbx3-qye5" }, { "vulnerability": "VCID-58p5-pfy3-xug1" }, { "vulnerability": "VCID-5svr-3vv9-mqea" }, { "vulnerability": "VCID-5ujs-47hf-g7gj" }, { "vulnerability": "VCID-5un8-xymy-37bt" }, { "vulnerability": "VCID-6745-tyba-33fa" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-7jrx-ykk8-h3gp" }, { "vulnerability": "VCID-7wqd-99h2-e7hk" }, { "vulnerability": "VCID-7yvu-s3p2-sfhc" }, { "vulnerability": "VCID-a58z-fu87-9ybs" }, { "vulnerability": "VCID-a8z6-bswu-jue8" }, { "vulnerability": "VCID-am31-t2h3-zbgw" }, { "vulnerability": "VCID-azcz-b8f2-63be" }, { "vulnerability": "VCID-bb6v-z8yg-6fe3" }, { "vulnerability": "VCID-bcuq-n4vb-k7f3" }, { "vulnerability": "VCID-bx2m-n5ft-3be8" }, { "vulnerability": "VCID-cdzf-3ydt-8bdk" }, { "vulnerability": "VCID-f7n8-zzhz-fuc8" }, { "vulnerability": "VCID-f8vu-23bb-5ue7" }, { "vulnerability": "VCID-f9nm-d5ax-qkcb" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g4n9-kg3s-pfcr" }, { "vulnerability": "VCID-g7ux-4vz2-ckfg" }, { "vulnerability": "VCID-gud1-yg9u-zyfp" }, { "vulnerability": "VCID-gueb-wzpx-ufb2" }, { "vulnerability": "VCID-h6xj-mys4-pucf" }, { "vulnerability": "VCID-hhms-2hg6-nke9" }, { "vulnerability": "VCID-j688-cyfg-p7gu" }, { "vulnerability": "VCID-jnq1-hk6d-b3a3" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-kq38-7s5x-nqaz" }, { "vulnerability": "VCID-mh96-gkf1-9uek" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-naac-snjw-qbad" }, { "vulnerability": "VCID-p8vk-yf66-wbb7" }, { "vulnerability": "VCID-p97a-kjpp-f3d8" }, { "vulnerability": "VCID-q46r-7nct-s3bw" }, { "vulnerability": "VCID-q8tg-prj1-y7b8" }, { "vulnerability": "VCID-qrnc-7ywu-37cz" }, { "vulnerability": "VCID-r2g9-c896-rkge" }, { "vulnerability": "VCID-raxd-4nxj-gkhp" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-secz-78pt-dben" }, { "vulnerability": "VCID-sutv-qt2x-2yc7" }, { "vulnerability": "VCID-swmn-7ns9-ekg1" }, { "vulnerability": "VCID-tcxd-z7f3-kkes" }, { "vulnerability": "VCID-td39-d3tf-vkhc" }, { "vulnerability": "VCID-tn33-re3r-yfhw" }, { "vulnerability": "VCID-uj78-2cgz-zbdb" }, { "vulnerability": "VCID-vpkr-9akj-hbf6" }, { "vulnerability": "VCID-w472-84ep-fkdx" }, { "vulnerability": "VCID-w8ff-vxga-8qcz" }, { "vulnerability": "VCID-wmam-qmmg-6uay" }, { "vulnerability": "VCID-xgj8-zrta-kub9" }, { "vulnerability": "VCID-y41p-tgpa-m7cs" }, { "vulnerability": "VCID-y44u-23he-aya8" }, { "vulnerability": "VCID-yjtj-ydsg-u7ca" }, { "vulnerability": "VCID-zg98-v6dj-s7gv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.54.0" } ], "aliases": [ "CVE-2017-7407" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqyj-7rr3-fqew" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107609?format=api", "vulnerability_id": "VCID-wdte-2hgu-rye3", "summary": "FTP Server Response Buffer Overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2000-0973.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2000-0973.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2000-0973", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12231", "scoring_system": "epss", "scoring_elements": "0.93978", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2000-0973" }, { "reference_url": "https://curl.se/docs/CVE-2000-0973.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2000-0973.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616532", "reference_id": "1616532", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616532" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/20292.pl", "reference_id": "CVE-2000-0973;OSVDB-1612", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/20292.pl" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20293.pl", "reference_id": "CVE-2000-0973;OSVDB-1612", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20293.pl" }, { "reference_url": "https://www.securityfocus.com/bid/1804/info", "reference_id": "CVE-2000-0973;OSVDB-1612", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/1804/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/138232?format=api", "purl": "pkg:generic/curl.se/curl@7.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1k-d4ez-ybdu" }, { "vulnerability": "VCID-1b5g-9trz-7ufb" }, { "vulnerability": "VCID-5xjw-u8ad-n3g5" }, { "vulnerability": "VCID-6fv7-7u2t-gfgb" }, { "vulnerability": "VCID-738z-myg9-37hr" }, { "vulnerability": "VCID-av4f-gxku-qbhp" }, { "vulnerability": "VCID-dndt-tapy-23d2" }, { "vulnerability": "VCID-f276-amhj-9yfx" }, { "vulnerability": "VCID-f922-jx9w-mbc5" }, { "vulnerability": "VCID-fhc8-r8gv-bugj" }, { "vulnerability": "VCID-g72q-eedp-aufb" }, { "vulnerability": "VCID-kkrm-dj79-4ucj" }, { "vulnerability": "VCID-msd2-35g9-nyd2" }, { "vulnerability": "VCID-nnv5-72sv-afbb" }, { "vulnerability": "VCID-q2kb-mjg4-uba1" }, { "vulnerability": "VCID-q2wq-jd4k-8kdr" }, { "vulnerability": "VCID-rt5e-saz2-j7c9" }, { "vulnerability": "VCID-sesh-938m-x3f8" }, { "vulnerability": "VCID-uh5a-zcds-3bcc" }, { "vulnerability": "VCID-vfc1-yy11-bycp" }, { "vulnerability": "VCID-y8yr-dfz4-67fp" }, { "vulnerability": "VCID-zqyj-7rr3-fqew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.4.1" } ], "aliases": [ "CVE-2000-0973" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdte-2hgu-rye3" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.4.1" }