Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/341925?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "type": "deb", "namespace": "debian", "name": "curl", "version": "8.20.0-2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5979?format=api", "vulnerability_id": "VCID-14cb-wnj7-13e2", "summary": "curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6253", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09025", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6253" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461202", "reference_id": "2461202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461202" }, { "reference_url": "https://hackerone.com/reports/3669637", "reference_id": "3669637", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/" } ], "url": "https://hackerone.com/reports/3669637" }, { "reference_url": "https://curl.se/docs/CVE-2026-6253.html", "reference_id": "CVE-2026-6253.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2026-6253.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-6253.json", "reference_id": "CVE-2026-6253.json", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2026-6253.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342025?format=api", "purl": "pkg:deb/debian/curl@8.20.0~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6253" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-14cb-wnj7-13e2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53086?format=api", "vulnerability_id": "VCID-1pa1-5qav-tfa9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57505", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7468" }, { "reference_url": "https://curl.se/docs/CVE-2017-7468.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-7468.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443381", "reference_id": "1443381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443381" }, { "reference_url": "https://security.archlinux.org/ASA-201704-12", "reference_id": "ASA-201704-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201704-12" }, { "reference_url": "https://security.archlinux.org/AVG-180", "reference_id": "AVG-180", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-180" }, { "reference_url": "https://security.archlinux.org/AVG-181", "reference_id": "AVG-181", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-181" }, { "reference_url": "https://security.archlinux.org/AVG-183", "reference_id": "AVG-183", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-183" }, { "reference_url": "https://security.archlinux.org/AVG-184", "reference_id": "AVG-184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-184" }, { "reference_url": "https://security.archlinux.org/AVG-241", "reference_id": "AVG-241", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-241" }, { "reference_url": "https://security.archlinux.org/AVG-243", "reference_id": "AVG-243", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-243" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3262-1/", "reference_id": "USN-3262-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3262-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341959?format=api", "purl": "pkg:deb/debian/curl@7.52.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7468" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1pa1-5qav-tfa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57034?format=api", "vulnerability_id": "VCID-257w-bhnj-kugq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04293", "scoring_system": "epss", "scoring_elements": "0.89034", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615" }, { "reference_url": "https://curl.se/docs/CVE-2016-8615.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8615.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370", "reference_id": "1388370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370" }, { "reference_url": "http://www.securityfocus.com/bid/94096", "reference_id": "94096", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "http://www.securityfocus.com/bid/94096" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102A.html", "reference_id": "adv_20161102A.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102A.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://curl.haxx.se/CVE-2016-8615.patch", "reference_id": "CVE-2016-8615.patch", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://curl.haxx.se/CVE-2016-8615.patch" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615", "reference_id": "show_bug.cgi?id=CVE-2016-8615", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8615" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-257w-bhnj-kugq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12262?format=api", "vulnerability_id": "VCID-2bvs-a5w1-gfhe", "summary": "curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14524", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12632", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14524" }, { "reference_url": "https://curl.se/docs/CVE-2025-14524.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/" } ], "url": "https://curl.se/docs/CVE-2025-14524.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3459417", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/" } ], "url": "https://hackerone.com/reports/3459417" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426407", "reference_id": "2426407", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426407" }, { "reference_url": "https://curl.se/docs/CVE-2025-14524.json", "reference_id": "CVE-2025-14524.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/" } ], "url": "https://curl.se/docs/CVE-2025-14524.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342016?format=api", "purl": "pkg:deb/debian/curl@8.18.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-14524" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bvs-a5w1-gfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71341?format=api", "vulnerability_id": "VCID-2nad-8f6j-a7bz", "summary": "curl: URL sanitization vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0036.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10342", "scoring_system": "epss", "scoring_elements": "0.93309", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0036" }, { "reference_url": "https://curl.se/docs/CVE-2012-0036.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2012-0036.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0036" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=773457", "reference_id": "773457", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=773457" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://usn.ubuntu.com/1346-1/", "reference_id": "USN-1346-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1346-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341937?format=api", "purl": "pkg:deb/debian/curl@7.24.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.24.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-0036" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2nad-8f6j-a7bz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61521?format=api", "vulnerability_id": "VCID-2nqm-34t9-eqcr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00735", "scoring_system": "epss", "scoring_elements": "0.73108", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8817" }, { "reference_url": "https://curl.se/docs/CVE-2017-8817.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8817.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102057", "reference_id": "102057", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/" } ], "url": "http://www.securityfocus.com/bid/102057" }, { "reference_url": "http://www.securitytracker.com/id/1039897", "reference_id": "1039897", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/" } ], "url": "http://www.securitytracker.com/id/1039897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515760", "reference_id": "1515760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515760" }, { "reference_url": "https://curl.haxx.se/docs/adv_2017-ae72.html", "reference_id": "adv_2017-ae72.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/" } ], "url": "https://curl.haxx.se/docs/adv_2017-ae72.html" }, { "reference_url": "https://security.archlinux.org/ASA-201711-33", "reference_id": "ASA-201711-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-33" }, { "reference_url": "https://security.archlinux.org/ASA-201711-34", "reference_id": "ASA-201711-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-34" }, { "reference_url": "https://security.archlinux.org/ASA-201711-35", "reference_id": "ASA-201711-35", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-35" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-524", "reference_id": "AVG-524", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-524" }, { "reference_url": "https://security.archlinux.org/AVG-525", "reference_id": "AVG-525", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-525" }, { "reference_url": "https://security.archlinux.org/AVG-526", "reference_id": "AVG-526", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-526" }, { "reference_url": "http://security.cucumberlinux.com/security/details.php?id=162", "reference_id": "details.php?id=162", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/" } ], "url": "http://security.cucumberlinux.com/security/details.php?id=162" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4051", "reference_id": "dsa-4051", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4051" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/" } ], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html", "reference_id": "msg00040.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html" }, { "reference_url": "https://usn.ubuntu.com/3498-1/", "reference_id": "USN-3498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-1/" }, { "reference_url": "https://usn.ubuntu.com/3498-2/", "reference_id": "USN-3498-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341960?format=api", "purl": "pkg:deb/debian/curl@7.57.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.57.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-8817" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2nqm-34t9-eqcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76951?format=api", "vulnerability_id": "VCID-2v93-gqe1-xqd8", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0490.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02576", "scoring_system": "epss", "scoring_elements": "0.85804", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0490" }, { "reference_url": "https://curl.se/docs/CVE-2005-0490.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2005-0490.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0490" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617532", "reference_id": "1617532", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:340", "reference_id": "RHSA-2005:340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:340" }, { "reference_url": "https://usn.ubuntu.com/86-1/", "reference_id": "USN-86-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/86-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341927?format=api", "purl": "pkg:deb/debian/curl@7.13.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.13.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-0490" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2v93-gqe1-xqd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54248?format=api", "vulnerability_id": "VCID-2x3m-p3eu-y7cn", "summary": "curl: Windows OpenSSL engine code injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00992", "scoring_system": "epss", "scoring_elements": "0.77192", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5443" }, { "reference_url": "https://curl.se/docs/CVE-2019-5443.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5443.html" }, { "reference_url": "https://hackerone.com/reports/608577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/608577" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772100", "reference_id": "1772100", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772100" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-5443" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2x3m-p3eu-y7cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27914?format=api", "vulnerability_id": "VCID-32gj-mvnb-rudh", "summary": "curl: HSTS subdomain overwrites parent cache entry", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9681.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73342", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086804", "reference_id": "1086804", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086804" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322969", "reference_id": "2322969", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322969" }, { "reference_url": "https://hackerone.com/reports/2764830", "reference_id": "2764830", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/" } ], "url": "https://hackerone.com/reports/2764830" }, { "reference_url": "https://curl.se/docs/CVE-2024-9681.html", "reference_id": "CVE-2024-9681.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/" } ], "url": "https://curl.se/docs/CVE-2024-9681.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-9681.json", "reference_id": "CVE-2024-9681.json", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/" } ], "url": "https://curl.se/docs/CVE-2024-9681.json" }, { "reference_url": "https://usn.ubuntu.com/7104-1/", "reference_id": "USN-7104-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7104-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342007?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342008?format=api", "purl": "pkg:deb/debian/curl@8.11.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.11.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-9681" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-32gj-mvnb-rudh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25980?format=api", "vulnerability_id": "VCID-3c1c-2n4r-uyag", "summary": "libcurl: Double Close of Eventfd in libcurl", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0665.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0665.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04569", "scoring_system": "epss", "scoring_elements": "0.89376", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0665" }, { "reference_url": "https://curl.se/docs/CVE-2025-0665.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:42:03Z/" } ], "url": "https://curl.se/docs/CVE-2025-0665.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2954286", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:42:03Z/" } ], "url": "https://hackerone.com/reports/2954286" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343895", "reference_id": "2343895", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343895" }, { "reference_url": "https://curl.se/docs/CVE-2025-0665.json", "reference_id": "CVE-2025-0665.json", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:42:03Z/" } ], "url": "https://curl.se/docs/CVE-2025-0665.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342010?format=api", "purl": "pkg:deb/debian/curl@8.12.0%2Bgit20250209.89ed161%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.12.0%252Bgit20250209.89ed161%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0665" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3c1c-2n4r-uyag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44560?format=api", "vulnerability_id": "VCID-3dn4-6jtb-kqhk", "summary": "curl: use-after-free and double-free in MQTT sending", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57931", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22945" }, { "reference_url": "https://curl.se/docs/CVE-2021-22945.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22945.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1269242", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://hackerone.com/reports/1269242" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001527", "reference_id": "2001527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001527" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Mar/29", "reference_id": "29", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", "reference_id": "APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945", "reference_id": "CVE-2021-22945", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213183", "reference_id": "HT213183", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://support.apple.com/kb/HT213183" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211029-0003/", "reference_id": "ntap-20211029-0003", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", "reference_id": "RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-28T15:53:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341971?format=api", "purl": "pkg:deb/debian/curl@7.79.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.79.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22945" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3dn4-6jtb-kqhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52897?format=api", "vulnerability_id": "VCID-3m3q-mxu4-9uhh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00816", "scoring_system": "epss", "scoring_elements": "0.74606", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8620" }, { "reference_url": "https://curl.se/docs/CVE-2016-8620.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8620.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388382", "reference_id": "1388382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388382" }, { "reference_url": "http://www.securityfocus.com/bid/94102", "reference_id": "94102", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/" } ], "url": "http://www.securityfocus.com/bid/94102" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102F.html", "reference_id": "adv_20161102F.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102F.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8620", "reference_id": "show_bug.cgi?id=CVE-2016-8620", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8620" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8620" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3m3q-mxu4-9uhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63716?format=api", "vulnerability_id": "VCID-3n8z-33hn-ffbv", "summary": "curl: negotiate not treated as connection-oriented (incomplete fix for CVE-2015-3148)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2628.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2628.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74866", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2628" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464", "reference_id": "1422464", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0847", "reference_id": "RHSA-2017:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0847" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-2628" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3n8z-33hn-ffbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46287?format=api", "vulnerability_id": "VCID-3xnn-1yr9-4qdk", "summary": "curl: Inferior OCSP verification", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52308", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8286" }, { "reference_url": "https://curl.se/docs/CVE-2020-8286.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://curl.se/docs/CVE-2020-8286.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1048457", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://hackerone.com/reports/1048457" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906096", "reference_id": "1906096", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906096" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/50", "reference_id": "50", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/50" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/51", "reference_id": "51", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/54", "reference_id": "54", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/54" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161", "reference_id": "977161", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf", "reference_id": "ssa-200951.pdf", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341969?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8286" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3xnn-1yr9-4qdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39116?format=api", "vulnerability_id": "VCID-4563-62mm-57aq", "summary": "curl: TELNET option IAC injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39186", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533" }, { "reference_url": "https://curl.se/docs/CVE-2023-27533.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27533.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1891474", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://hackerone.com/reports/1891474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062", "reference_id": "2179062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0011/", "reference_id": "ntap-20230420-0011", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341984?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341983?format=api", "purl": "pkg:deb/debian/curl@7.88.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-27533" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4563-62mm-57aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57029?format=api", "vulnerability_id": "VCID-46wr-p8c4-x7he", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01811", "scoring_system": "epss", "scoring_elements": "0.83146", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618" }, { "reference_url": "https://curl.se/docs/CVE-2016-8618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8618.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378", "reference_id": "1388378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8618" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-46wr-p8c4-x7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40782?format=api", "vulnerability_id": "VCID-4nqj-8xk6-a7ha", "summary": "curl: POST following PUT confusion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01759", "scoring_system": "epss", "scoring_elements": "0.82916", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221" }, { "reference_url": "https://curl.se/docs/CVE-2022-32221.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32221.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1704017", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://hackerone.com/reports/1704017" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", "reference_id": "2135411", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/05/17/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5330", "reference_id": "dsa-5330", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230110-0006/", "reference_id": "ntap-20230110-0006", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230208-0002/", "reference_id": "ntap-20230208-0002", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0333", "reference_id": "RHSA-2023:0333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4139", "reference_id": "RHSA-2023:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4139" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" }, { "reference_url": "https://usn.ubuntu.com/5702-2/", "reference_id": "USN-5702-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-2/" }, { "reference_url": "https://usn.ubuntu.com/5823-1/", "reference_id": "USN-5823-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5823-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341977?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341976?format=api", "purl": "pkg:deb/debian/curl@7.86.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-32221" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqj-8xk6-a7ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15330?format=api", "vulnerability_id": "VCID-4pzm-87dd-xqbs", "summary": "curl: Curl missing SFTP host verification with wolfSSH backend", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10966.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10966.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07768", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10966" }, { "reference_url": "https://curl.se/docs/CVE-2025-10966.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/" } ], "url": "https://curl.se/docs/CVE-2025-10966.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3355218", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/" } ], "url": "https://hackerone.com/reports/3355218" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413308", "reference_id": "2413308", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413308" }, { "reference_url": "https://curl.se/docs/CVE-2025-10966.json", "reference_id": "CVE-2025-10966.json", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/" } ], "url": "https://curl.se/docs/CVE-2025-10966.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342013?format=api", "purl": "pkg:deb/debian/curl@8.17.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.17.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-10966" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pzm-87dd-xqbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89892?format=api", "vulnerability_id": "VCID-4wmd-2ube-6ud3", "summary": "Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \\ (backslash) as a separator of path components within the Content-disposition HTTP header.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.75985", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3842" }, { "reference_url": "https://curl.se/docs/CVE-2010-3842.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2010-3842.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3842" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4wmd-2ube-6ud3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54168?format=api", "vulnerability_id": "VCID-58v1-7e86-skcr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02668", "scoring_system": "epss", "scoring_elements": "0.86056", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000121" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000121.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000121.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552631", "reference_id": "1552631", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552631" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341963?format=api", "purl": "pkg:deb/debian/curl@7.60.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.60.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000121" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-58v1-7e86-skcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8128?format=api", "vulnerability_id": "VCID-5hb5-9gh5-kyfs", "summary": "curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07311", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3783" }, { "reference_url": "https://curl.se/docs/CVE-2026-3783.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/" } ], "url": "https://curl.se/docs/CVE-2026-3783.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3583983", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/" } ], "url": "https://hackerone.com/reports/3583983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446450", "reference_id": "2446450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446450" }, { "reference_url": "https://curl.se/docs/CVE-2026-3783.json", "reference_id": "CVE-2026-3783.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/" } ], "url": "https://curl.se/docs/CVE-2026-3783.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" }, { "reference_url": "https://usn.ubuntu.com/8099-1/", "reference_id": "USN-8099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342023?format=api", "purl": "pkg:deb/debian/curl@8.19.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.19.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-3783" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5hb5-9gh5-kyfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36368?format=api", "vulnerability_id": "VCID-5jsn-ubxh-fqe4", "summary": "curl: excessively long file name may lead to unknown HSTS status", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34126", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46219" }, { "reference_url": "https://curl.se/docs/CVE-2023-46219.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/" } ], "url": "https://curl.se/docs/CVE-2023-46219.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2236133", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/" } ], "url": "https://hackerone.com/reports/2236133" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645", "reference_id": "1057645", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252034", "reference_id": "2252034", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252034" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5587", "reference_id": "dsa-5587", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5587" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240119-0007/", "reference_id": "ntap-20240119-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240119-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1316", "reference_id": "RHSA-2024:1316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/", "reference_id": "UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/" }, { "reference_url": "https://usn.ubuntu.com/6535-1/", "reference_id": "USN-6535-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6535-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341992?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341994?format=api", "purl": "pkg:deb/debian/curl@8.5.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.5.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-46219" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jsn-ubxh-fqe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58693?format=api", "vulnerability_id": "VCID-5q7e-maen-9kes", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02011", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3694390", "reference_id": "3694390", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:20:11Z/" } ], "url": "https://hackerone.com/reports/3694390" }, { "reference_url": "https://curl.se/docs/CVE-2026-7009.html", "reference_id": "CVE-2026-7009.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:20:11Z/" } ], "url": "https://curl.se/docs/CVE-2026-7009.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-7009.json", "reference_id": "CVE-2026-7009.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:20:11Z/" } ], "url": "https://curl.se/docs/CVE-2026-7009.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-7009" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5q7e-maen-9kes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37236?format=api", "vulnerability_id": "VCID-5stq-jajr-57hv", "summary": "curl: out of heap memory issue due to missing limit on header quantity", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14797", "scoring_system": "epss", "scoring_elements": "0.94612", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38039" }, { "reference_url": "https://curl.se/docs/CVE-2023-38039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-38039.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2072338", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://hackerone.com/reports/2072338" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Oct/17", "reference_id": "17", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Oct/17" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239135", "reference_id": "2239135", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239135" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/34", "reference_id": "34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/34" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/37" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/38", "reference_id": "38", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/38" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/", "reference_id": "5DCZMYODALBLVOXVJEN2LF2MLANEYL4F", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT214036", "reference_id": "HT214036", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214036" }, { "reference_url": "https://support.apple.com/kb/HT214057", "reference_id": "HT214057", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214057" }, { "reference_url": "https://support.apple.com/kb/HT214058", "reference_id": "HT214058", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214058" }, { "reference_url": "https://support.apple.com/kb/HT214063", "reference_id": "HT214063", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214063" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/", "reference_id": "M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231013-0005/", "reference_id": "ntap-20231013-0005", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231013-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://www.insyde.com/security-pledge/SA-2023064", "reference_id": "SA-2023064", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://www.insyde.com/security-pledge/SA-2023064" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/", "reference_id": "TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/" }, { "reference_url": "https://usn.ubuntu.com/6363-1/", "reference_id": "USN-6363-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6363-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341987?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341988?format=api", "purl": "pkg:deb/debian/curl@8.3.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.3.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-38039" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5stq-jajr-57hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45253?format=api", "vulnerability_id": "VCID-62br-m3wt-gqdm", "summary": "curl: Use-after-free in TLS session handling when using OpenSSL TLS backend", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22901.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22901.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43726", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22901" }, { "reference_url": "https://curl.se/docs/CVE-2021-22901.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22901.html" }, { "reference_url": "https://hackerone.com/reports/1180380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1180380" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963146", "reference_id": "1963146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963146" }, { "reference_url": "https://security.archlinux.org/ASA-202106-4", "reference_id": "ASA-202106-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-4" }, { "reference_url": "https://security.archlinux.org/ASA-202106-5", "reference_id": "ASA-202106-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-5" }, { "reference_url": "https://security.archlinux.org/ASA-202106-6", "reference_id": "ASA-202106-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-6" }, { "reference_url": "https://security.archlinux.org/ASA-202106-7", "reference_id": "ASA-202106-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-7" }, { "reference_url": "https://security.archlinux.org/AVG-1995", "reference_id": "AVG-1995", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1995" }, { "reference_url": "https://security.archlinux.org/AVG-1996", "reference_id": "AVG-1996", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1996" }, { "reference_url": "https://security.archlinux.org/AVG-1997", "reference_id": "AVG-1997", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1997" }, { "reference_url": "https://security.archlinux.org/AVG-1998", "reference_id": "AVG-1998", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1998" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22901" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-62br-m3wt-gqdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54638?format=api", "vulnerability_id": "VCID-64yx-9372-guce", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000099.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000099.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00623", "scoring_system": "epss", "scoring_elements": "0.70459", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000099" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000099.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000099.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478316", "reference_id": "1478316", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478316" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000099" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-64yx-9372-guce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54427?format=api", "vulnerability_id": "VCID-689c-z62z-ukc7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56267", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0167" }, { "reference_url": "https://curl.se/docs/CVE-2025-0167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/" } ], "url": "https://curl.se/docs/CVE-2025-0167.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2917232", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/" } ], "url": "https://hackerone.com/reports/2917232" }, { "reference_url": "https://curl.se/docs/CVE-2025-0167.json", "reference_id": "CVE-2025-0167.json", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/" } ], "url": "https://curl.se/docs/CVE-2025-0167.json" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342009?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u11?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u11%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342010?format=api", "purl": "pkg:deb/debian/curl@8.12.0%2Bgit20250209.89ed161%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.12.0%252Bgit20250209.89ed161%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0167" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-689c-z62z-ukc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56546?format=api", "vulnerability_id": "VCID-689h-1jnp-yfbr", "summary": "curl: SMTP end-of-response out-of-bounds read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01568", "scoring_system": "epss", "scoring_elements": "0.81826", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823" }, { "reference_url": "https://curl.se/docs/CVE-2019-3823.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "106950", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670256", "reference_id": "1670256", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670256" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "3882-1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3823.html", "reference_id": "CVE-2019-3823.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", "reference_id": "show_bug.cgi?id=CVE-2019-3823", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", "reference_id": "ssa-936080.pdf", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341965?format=api", "purl": "pkg:deb/debian/curl@7.64.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-3823" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-689h-1jnp-yfbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57705?format=api", "vulnerability_id": "VCID-6jpy-xpur-abc7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03165", "scoring_system": "epss", "scoring_elements": "0.87146", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8621" }, { "reference_url": "https://curl.se/docs/CVE-2016-8621.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8621.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388385", "reference_id": "1388385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388385" }, { "reference_url": "http://www.securityfocus.com/bid/94101", "reference_id": "94101", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "http://www.securityfocus.com/bid/94101" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102G.html", "reference_id": "adv_20161102G.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102G.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://curl.haxx.se/CVE-2016-8621.patch", "reference_id": "CVE-2016-8621.patch", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "https://curl.haxx.se/CVE-2016-8621.patch" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8621", "reference_id": "show_bug.cgi?id=CVE-2016-8621", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8621" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8621" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6jpy-xpur-abc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53860?format=api", "vulnerability_id": "VCID-6pbt-tvzv-nqc5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0419", "scoring_system": "epss", "scoring_elements": "0.889", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616" }, { "reference_url": "https://curl.se/docs/CVE-2016-8616.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8616.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371", "reference_id": "1388371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8616" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6pbt-tvzv-nqc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39434?format=api", "vulnerability_id": "VCID-71rt-1h3a-jkcm", "summary": "curl: HSTS amnesia with --parallel", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23915.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23915.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11969", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23915" }, { "reference_url": "https://curl.se/docs/CVE-2023-23915.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-23915.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1814333", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1814333" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371", "reference_id": "1031371", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813", "reference_id": "2167813", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:46:29Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230309-0006/", "reference_id": "ntap-20230309-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:46:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://usn.ubuntu.com/5891-1/", "reference_id": "USN-5891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341981?format=api", "purl": "pkg:deb/debian/curl@7.88.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-23915" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71rt-1h3a-jkcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89897?format=api", "vulnerability_id": "VCID-72pz-4qf7-xfdb", "summary": "Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.70137", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4802" }, { "reference_url": "https://curl.se/docs/CVE-2016-4802.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-4802.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4802" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72pz-4qf7-xfdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5978?format=api", "vulnerability_id": "VCID-777y-dgxh-kba5", "summary": "curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0549", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461201", "reference_id": "2461201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461201" }, { "reference_url": "https://hackerone.com/reports/3650689", "reference_id": "3650689", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/" } ], "url": "https://hackerone.com/reports/3650689" }, { "reference_url": "https://curl.se/docs/CVE-2026-5773.html", "reference_id": "CVE-2026-5773.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/" } ], "url": "https://curl.se/docs/CVE-2026-5773.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-5773.json", "reference_id": "CVE-2026-5773.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/" } ], "url": "https://curl.se/docs/CVE-2026-5773.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342024?format=api", "purl": "pkg:deb/debian/curl@8.20.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-5773" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-777y-dgxh-kba5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63263?format=api", "vulnerability_id": "VCID-7g7n-4tsf-2fgx", "summary": "curl: URL file scheme drive letter buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9502.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9502.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00552", "scoring_system": "epss", "scoring_elements": "0.68328", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9502" }, { "reference_url": "https://curl.se/docs/CVE-2017-9502.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-9502.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461321", "reference_id": "1461321", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461321" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9502" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7g7n-4tsf-2fgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38508?format=api", "vulnerability_id": "VCID-7wd8-zrdf-gkc6", "summary": "curl: more POST-after-PUT confusion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.7063", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322" }, { "reference_url": "https://curl.se/docs/CVE-2023-28322.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28322.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1954658", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://hackerone.com/reports/1954658" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793", "reference_id": "2196793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "reference_id": "F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4354", "reference_id": "RHSA-2023:4354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5598", "reference_id": "RHSA-2023:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0585", "reference_id": "RHSA-2024:0585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://usn.ubuntu.com/6237-1/", "reference_id": "USN-6237-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-1/" }, { "reference_url": "https://usn.ubuntu.com/6237-3/", "reference_id": "USN-6237-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "reference_id": "Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341986?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341985?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28322" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7wd8-zrdf-gkc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40218?format=api", "vulnerability_id": "VCID-84u3-ynnu-7kct", "summary": "curl: Use-after-free triggered by an HTTP proxy deny response", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27961", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43552" }, { "reference_url": "https://curl.se/docs/CVE-2022-43552.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-43552.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1764858", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://hackerone.com/reports/1764858" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830", "reference_id": "1026830", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Mar/17", "reference_id": "17", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652", "reference_id": "2152652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213670", "reference_id": "HT213670", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://support.apple.com/kb/HT213670" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230214-0002/", "reference_id": "ntap-20230214-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230214-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2478", "reference_id": "RHSA-2023:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2963", "reference_id": "RHSA-2023:2963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7743", "reference_id": "RHSA-2023:7743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5788-1/", "reference_id": "USN-5788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5788-1/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341977?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341980?format=api", "purl": "pkg:deb/debian/curl@7.86.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-43552" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84u3-ynnu-7kct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5977?format=api", "vulnerability_id": "VCID-8f6k-xr87-uqfz", "summary": "curl: curl: Information disclosure due to incorrect TLS connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02632", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461200", "reference_id": "2461200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461200" }, { "reference_url": "https://hackerone.com/reports/3621851", "reference_id": "3621851", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/" } ], "url": "https://hackerone.com/reports/3621851" }, { "reference_url": "https://curl.se/docs/CVE-2026-4873.html", "reference_id": "CVE-2026-4873.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/" } ], "url": "https://curl.se/docs/CVE-2026-4873.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-4873.json", "reference_id": "CVE-2026-4873.json", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/" } ], "url": "https://curl.se/docs/CVE-2026-4873.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342024?format=api", "purl": "pkg:deb/debian/curl@8.20.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4873" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8f6k-xr87-uqfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57448?format=api", "vulnerability_id": "VCID-8jhw-8b8k-sqbv", "summary": "curl: Use-after-free when closing \"easy\" handle in Curl_close()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52612", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16840" }, { "reference_url": "https://curl.se/docs/CVE-2018-16840.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16840.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1042013", "reference_id": "1042013", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "http://www.securitytracker.com/id/1042013" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642203", "reference_id": "1642203", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642203" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "3805-1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://usn.ubuntu.com/3805-1/" }, { "reference_url": "https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f", "reference_id": "81d135d67155c5295b1033679c606165d4e28f3f", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f" }, { "reference_url": "https://security.archlinux.org/ASA-201811-4", "reference_id": "ASA-201811-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-4" }, { "reference_url": "https://security.archlinux.org/ASA-201811-5", "reference_id": "ASA-201811-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-5" }, { "reference_url": "https://security.archlinux.org/ASA-201811-6", "reference_id": "ASA-201811-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-6" }, { "reference_url": "https://security.archlinux.org/ASA-201811-7", "reference_id": "ASA-201811-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-7" }, { "reference_url": "https://security.archlinux.org/ASA-201811-8", "reference_id": "ASA-201811-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-8" }, { "reference_url": "https://security.archlinux.org/ASA-201811-9", "reference_id": "ASA-201811-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-9" }, { "reference_url": "https://security.archlinux.org/AVG-795", "reference_id": "AVG-795", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-795" }, { "reference_url": "https://security.archlinux.org/AVG-796", "reference_id": "AVG-796", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-796" }, { "reference_url": "https://security.archlinux.org/AVG-797", "reference_id": "AVG-797", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-797" }, { "reference_url": "https://security.archlinux.org/AVG-798", "reference_id": "AVG-798", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-798" }, { "reference_url": "https://security.archlinux.org/AVG-799", "reference_id": "AVG-799", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-799" }, { "reference_url": "https://security.archlinux.org/AVG-800", "reference_id": "AVG-800", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-800" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16840.html", "reference_id": "CVE-2018-16840.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16840.html" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840", "reference_id": "show_bug.cgi?id=CVE-2018-16840", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341964?format=api", "purl": "pkg:deb/debian/curl@7.62.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.62.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16840" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jhw-8b8k-sqbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29276?format=api", "vulnerability_id": "VCID-8k4c-jcmk-xkdc", "summary": "curl: OCSP stapling bypass with GnuTLS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68546", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310519", "reference_id": "2310519", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310519" }, { "reference_url": "https://hackerone.com/reports/2669852", "reference_id": "2669852", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://hackerone.com/reports/2669852" }, { "reference_url": "https://curl.se/docs/CVE-2024-8096.html", "reference_id": "CVE-2024-8096.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://curl.se/docs/CVE-2024-8096.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-8096.json", "reference_id": "CVE-2024-8096.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://curl.se/docs/CVE-2024-8096.json" }, { "reference_url": "https://usn.ubuntu.com/7012-1/", "reference_id": "USN-7012-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7012-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342005?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u14?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342004?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342006?format=api", "purl": "pkg:deb/debian/curl@8.10.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.10.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-8096" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8k4c-jcmk-xkdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54662?format=api", "vulnerability_id": "VCID-8kzz-y6n1-97cv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0185", "scoring_system": "epss", "scoring_elements": "0.83317", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8622" }, { "reference_url": "https://curl.se/docs/CVE-2016-8622.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8622.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388386", "reference_id": "1388386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388386" }, { "reference_url": "http://www.securityfocus.com/bid/94105", "reference_id": "94105", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/" } ], "url": "http://www.securityfocus.com/bid/94105" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102H.html", "reference_id": "adv_20161102H.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102H.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8622", "reference_id": "show_bug.cgi?id=CVE-2016-8622", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8622" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8622" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kzz-y6n1-97cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83718?format=api", "vulnerability_id": "VCID-958w-vdd3-5kff", "summary": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-19909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05283", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-19909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19909" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/curl/curl/pull/4166", "reference_id": "4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:11:17Z/" } ], "url": "https://github.com/curl/curl/pull/4166" }, { "reference_url": "https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/", "reference_id": "cve-2020-19909-is-everything-that-is-wrong-with-cves", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:11:17Z/" } ], "url": "https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341967?format=api", "purl": "pkg:deb/debian/curl@7.66.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.66.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-19909" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-958w-vdd3-5kff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89895?format=api", "vulnerability_id": "VCID-958x-aqdm-27br", "summary": "cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57741", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754" }, { "reference_url": "https://curl.se/docs/CVE-2016-0754.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-0754.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0754" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-958x-aqdm-27br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36936?format=api", "vulnerability_id": "VCID-97n5-5pa2-rqhz", "summary": "curl: cookie injection with none file", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00441", "scoring_system": "epss", "scoring_elements": "0.63492", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2148242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/2148242" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241938", "reference_id": "2241938", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241938" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/34", "reference_id": "34", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/34" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/37" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/38", "reference_id": "38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/38" }, { "reference_url": "https://security.archlinux.org/AVG-2845", "reference_id": "AVG-2845", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2845" }, { "reference_url": "https://security.archlinux.org/AVG-2846", "reference_id": "AVG-2846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2846" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546", "reference_id": "CVE-2023-38546", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546" }, { "reference_url": "https://curl.se/docs/CVE-2023-38546.html", "reference_id": "CVE-2023-38546.HTML", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://curl.se/docs/CVE-2023-38546.html" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT214036", "reference_id": "HT214036", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214036" }, { "reference_url": "https://support.apple.com/kb/HT214057", "reference_id": "HT214057", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214057" }, { "reference_url": "https://support.apple.com/kb/HT214058", "reference_id": "HT214058", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214058" }, { "reference_url": "https://support.apple.com/kb/HT214063", "reference_id": "HT214063", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214063" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/", "reference_id": "OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5700", "reference_id": "RHSA-2023:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5763", "reference_id": "RHSA-2023:5763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6292", "reference_id": "RHSA-2023:6292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6745", "reference_id": "RHSA-2023:6745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7540", "reference_id": "RHSA-2023:7540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2101", "reference_id": "RHSA-2024:2101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2101" }, { "reference_url": "https://usn.ubuntu.com/6429-1/", "reference_id": "USN-6429-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-1/" }, { "reference_url": "https://usn.ubuntu.com/6429-2/", "reference_id": "USN-6429-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-2/" }, { "reference_url": "https://usn.ubuntu.com/6429-3/", "reference_id": "USN-6429-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-3/" }, { "reference_url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868", "reference_id": "viewtopic.php?f=8&t=8868", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341990?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341989?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341991?format=api", "purl": "pkg:deb/debian/curl@8.3.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.3.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-38546" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-97n5-5pa2-rqhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68417?format=api", "vulnerability_id": "VCID-9ck1-b1zb-euad", "summary": "curl: cookies accepted for TLDs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3620.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3620.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.80086", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3620" }, { "reference_url": "https://curl.se/docs/CVE-2014-3620.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-3620.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138846", "reference_id": "1138846", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138846" }, { "reference_url": "https://usn.ubuntu.com/2346-1/", "reference_id": "USN-2346-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2346-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341945?format=api", "purl": "pkg:deb/debian/curl@7.38.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3620" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ck1-b1zb-euad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12172?format=api", "vulnerability_id": "VCID-9mnp-4p5a-ybcn", "summary": "curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14017", "reference_id": "", "reference_type": "", "scores": [ { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00206", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14017" }, { "reference_url": "https://curl.se/docs/CVE-2025-14017.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/" } ], "url": "https://curl.se/docs/CVE-2025-14017.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427870", "reference_id": "2427870", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427870" }, { "reference_url": "https://curl.se/docs/CVE-2025-14017.json", "reference_id": "CVE-2025-14017.json", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/" } ], "url": "https://curl.se/docs/CVE-2025-14017.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" }, { "reference_url": "https://usn.ubuntu.com/8062-2/", "reference_id": "USN-8062-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342016?format=api", "purl": "pkg:deb/debian/curl@8.18.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-14017" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9mnp-4p5a-ybcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56545?format=api", "vulnerability_id": "VCID-a2hy-wacd-37ht", "summary": "curl: NTLMv2 type-3 header stack buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18518", "scoring_system": "epss", "scoring_elements": "0.95359", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822" }, { "reference_url": "https://curl.se/docs/CVE-2019-3822.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "106950", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670254", "reference_id": "1670254", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670254" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "3882-1", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3822.html", "reference_id": "CVE-2019-3822.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://support.f5.com/csp/article/K84141449", "reference_id": "K84141449", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://support.f5.com/csp/article/K84141449" }, { "reference_url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K84141449?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0004/", "reference_id": "ntap-20190719-0004", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822", "reference_id": "show_bug.cgi?id=CVE-2019-3822", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341965?format=api", "purl": "pkg:deb/debian/curl@7.64.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-3822" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a2hy-wacd-37ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69659?format=api", "vulnerability_id": "VCID-a9jr-hx2n-87ch", "summary": "curl: Loop counter error, leading to heap-based buffer overflow when decoding certain URLs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03181", "scoring_system": "epss", "scoring_elements": "0.8718", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2174" }, { "reference_url": "https://curl.se/docs/CVE-2013-2174.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-2174.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=965640", "reference_id": "965640", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=965640" }, { "reference_url": "https://security.gentoo.org/glsa/201401-14", "reference_id": "GLSA-201401-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0983", "reference_id": "RHSA-2013:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0983" }, { "reference_url": "https://usn.ubuntu.com/1894-1/", "reference_id": "USN-1894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341940?format=api", "purl": "pkg:deb/debian/curl@7.31.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.31.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2174" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9jr-hx2n-87ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8130?format=api", "vulnerability_id": "VCID-ab48-azj9-p3hq", "summary": "curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22163", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446448", "reference_id": "2446448", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446448" }, { "reference_url": "https://curl.se/docs/CVE-2026-1965.html", "reference_id": "CVE-2026-1965.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/" } ], "url": "https://curl.se/docs/CVE-2026-1965.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-1965.json", "reference_id": "CVE-2026-1965.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/" } ], "url": "https://curl.se/docs/CVE-2026-1965.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" }, { "reference_url": "https://usn.ubuntu.com/8099-1/", "reference_id": "USN-8099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342022?format=api", "purl": "pkg:deb/debian/curl@8.19.0~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.19.0~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-1965" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ab48-azj9-p3hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36362?format=api", "vulnerability_id": "VCID-adkw-dnqu-6ffy", "summary": "curl: information disclosure by exploiting a mixed case flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44526", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46218" }, { "reference_url": "https://curl.se/docs/CVE-2023-46218.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://curl.se/docs/CVE-2023-46218.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2212193", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://hackerone.com/reports/2212193" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646", "reference_id": "1057646", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030", "reference_id": "2252030", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/", "reference_id": "3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5587", "reference_id": "dsa-5587", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5587" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240125-0007/", "reference_id": "ntap-20240125-0007", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240125-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0434", "reference_id": "RHSA-2024:0434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0452", "reference_id": "RHSA-2024:0452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0585", "reference_id": "RHSA-2024:0585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1129", "reference_id": "RHSA-2024:1129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1316", "reference_id": "RHSA-2024:1316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2094", "reference_id": "RHSA-2024:2094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/", "reference_id": "UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/" }, { "reference_url": "https://usn.ubuntu.com/6535-1/", "reference_id": "USN-6535-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6535-1/" }, { "reference_url": "https://usn.ubuntu.com/6641-1/", "reference_id": "USN-6641-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6641-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341993?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u11?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u11%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341992?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341994?format=api", "purl": "pkg:deb/debian/curl@8.5.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.5.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-46218" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-adkw-dnqu-6ffy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57832?format=api", "vulnerability_id": "VCID-age7-hx9p-fya2", "summary": "curl FTP path confusion leads to NIL byte out of bounds write\ncurl can be coerced into writing a zero byte out of bounds.\n\nThis bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command (--ftp-method singlecwd or the libcurl alternative [CURLOPT_FTP_FILEMETHOD](https://curl.se/libcurl/c/CURLOPT_FTP_FILEMETHOD.html)).\n\ncurl then URL-decodes the given path, calls strlen() on the result and deducts the length of the file name part to find the end of the directory within the buffer. It then writes a zero byte on that index, in a buffer allocated on the heap.\n\nIf the directory part of the URL contains a `%00` sequence, the directory length might end up shorter than the file name path, making the calculation `size_t index = directory_len - filepart_len` end up with a huge index variable for where the zero byte gets stored: `heap_buffer[index] = 0`. On several architectures that huge index will wrap and work as a negative value, thus overwriting memory before the intended heap buffer.\n\nBy using different file part lengths and putting the string `%00` in different places in the URL, an attacker that can control what paths a curl-using application uses can write that zero byte on different indexes.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3157", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0544", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0594", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0594" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01298", "scoring_system": "epss", "scoring_elements": "0.80025", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000120" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-9cd6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://curl.haxx.se/docs/adv_2018-9cd6.html" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000120.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/coapp-packages/curl", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/coapp-packages/curl" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120" }, { "reference_url": "https://usn.ubuntu.com/3598-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3598-1" }, { "reference_url": "https://usn.ubuntu.com/3598-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-1/" }, { "reference_url": "https://usn.ubuntu.com/3598-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3598-2" }, { "reference_url": "https://usn.ubuntu.com/3598-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3598-2/" }, { "reference_url": "https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531" }, { "reference_url": "https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4136", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4136" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552628", "reference_id": "1552628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://github.com/advisories/GHSA-674j-7m97-j2p9", "reference_id": "GHSA-674j-7m97-j2p9", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-674j-7m97-j2p9" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341963?format=api", "purl": "pkg:deb/debian/curl@7.60.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.60.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000120", "GHSA-674j-7m97-j2p9" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-age7-hx9p-fya2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59765?format=api", "vulnerability_id": "VCID-ahjd-g791-yfhj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8818.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00825", "scoring_system": "epss", "scoring_elements": "0.74767", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8818" }, { "reference_url": "https://curl.se/docs/CVE-2017-8818.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8818.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517691", "reference_id": "1517691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517691" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-527", "reference_id": "AVG-527", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-527" }, { "reference_url": "https://security.archlinux.org/AVG-528", "reference_id": "AVG-528", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-528" }, { "reference_url": "https://security.archlinux.org/AVG-529", "reference_id": "AVG-529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-529" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341960?format=api", "purl": "pkg:deb/debian/curl@7.57.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.57.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-8818" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahjd-g791-yfhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54350?format=api", "vulnerability_id": "VCID-av4m-zmbd-1bdu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36867", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16842" }, { "reference_url": "https://curl.se/docs/CVE-2018-16842.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16842.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1042014", "reference_id": "1042014", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "http://www.securitytracker.com/id/1042014" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644124", "reference_id": "1644124", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644124" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "3805-1", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://usn.ubuntu.com/3805-1/" }, { "reference_url": "https://usn.ubuntu.com/3805-2/", "reference_id": "3805-2", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://usn.ubuntu.com/3805-2/" }, { "reference_url": "https://security.archlinux.org/ASA-201811-4", "reference_id": "ASA-201811-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-4" }, { "reference_url": "https://security.archlinux.org/AVG-795", "reference_id": "AVG-795", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-795" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16842.html", "reference_id": "CVE-2018-16842.html", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16842.html" }, { "reference_url": "https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211", "reference_id": "d530e92f59ae9bb2d47066c3c460b25d2ffeb211", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4331", "reference_id": "dsa-4331", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4331" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2181", "reference_id": "RHSA-2019:2181", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2181" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842", "reference_id": "show_bug.cgi?id=CVE-2018-16842", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341964?format=api", "purl": "pkg:deb/debian/curl@7.62.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.62.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16842" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-av4m-zmbd-1bdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54621?format=api", "vulnerability_id": "VCID-ay4r-g4gd-pbfh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.71275", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000101" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000101.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000101.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/100249", "reference_id": "100249", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/" } ], "url": "http://www.securityfocus.com/bid/100249" }, { "reference_url": "http://www.securitytracker.com/id/1039117", "reference_id": "1039117", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/" } ], "url": "http://www.securitytracker.com/id/1039117" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478309", "reference_id": "1478309", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478309" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554", "reference_id": "871554", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554" }, { "reference_url": "https://curl.haxx.se/docs/adv_20170809A.html", "reference_id": "adv_20170809A.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/" } ], "url": "https://curl.haxx.se/docs/adv_20170809A.html" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "dsa-3992", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/" } ], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://support.apple.com/HT208221", "reference_id": "HT208221", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/" } ], "url": "https://support.apple.com/HT208221" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341955?format=api", "purl": "pkg:deb/debian/curl@7.55.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.55.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000101" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ay4r-g4gd-pbfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78301?format=api", "vulnerability_id": "VCID-b4x7-cte8-zqhu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3564.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3564.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3564", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70725", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3564" }, { "reference_url": "https://curl.se/docs/CVE-2007-3564.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2007-3564.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564" }, { "reference_url": "https://usn.ubuntu.com/484-1/", "reference_id": "USN-484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/484-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341931?format=api", "purl": "pkg:deb/debian/curl@7.16.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.16.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-3564" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b4x7-cte8-zqhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55716?format=api", "vulnerability_id": "VCID-b656-14j2-dbdn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.80482", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624" }, { "reference_url": "https://curl.se/docs/CVE-2016-8624.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8624.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390", "reference_id": "1388390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390" }, { "reference_url": "http://www.securityfocus.com/bid/94103", "reference_id": "94103", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "http://www.securityfocus.com/bid/94103" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102J.html", "reference_id": "adv_20161102J.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102J.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E", "reference_id": "rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624", "reference_id": "show_bug.cgi?id=CVE-2016-8624", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8624" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b656-14j2-dbdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68416?format=api", "vulnerability_id": "VCID-b8jv-hnb7-eqfc", "summary": "curl: incorrect handling of IP addresses in cookie domain", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0182", "scoring_system": "epss", "scoring_elements": "0.83179", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3613" }, { "reference_url": "https://curl.se/docs/CVE-2014-3613.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-3613.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154", "reference_id": "1136154", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2346-1/", "reference_id": "USN-2346-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2346-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341945?format=api", "purl": "pkg:deb/debian/curl@7.38.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3613" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b8jv-hnb7-eqfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53250?format=api", "vulnerability_id": "VCID-bnr9-9qa9-vfab", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15484", "scoring_system": "epss", "scoring_elements": "0.94772", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5436" }, { "reference_url": "https://curl.se/docs/CVE-2019-5436.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5436.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/550696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/550696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", "reference_id": "1710620", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710620" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/36", "reference_id": "36", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://seclists.org/bugtraq/2020/Feb/36" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/11/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/11/6" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351", "reference_id": "929351", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351" }, { "reference_url": "https://security.archlinux.org/ASA-201905-11", "reference_id": "ASA-201905-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-11" }, { "reference_url": "https://security.archlinux.org/ASA-201905-12", "reference_id": "ASA-201905-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-12" }, { "reference_url": "https://security.archlinux.org/ASA-201905-13", "reference_id": "ASA-201905-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-13" }, { "reference_url": "https://security.archlinux.org/ASA-201905-14", "reference_id": "ASA-201905-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-14" }, { "reference_url": "https://security.archlinux.org/ASA-201905-15", "reference_id": "ASA-201905-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-15" }, { "reference_url": "https://security.archlinux.org/ASA-201905-16", "reference_id": "ASA-201905-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-16" }, { "reference_url": "https://security.archlinux.org/AVG-959", "reference_id": "AVG-959", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-959" }, { "reference_url": "https://security.archlinux.org/AVG-960", "reference_id": "AVG-960", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-960" }, { "reference_url": "https://security.archlinux.org/AVG-961", "reference_id": "AVG-961", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-961" }, { "reference_url": "https://security.archlinux.org/AVG-962", "reference_id": "AVG-962", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-962" }, { "reference_url": "https://security.archlinux.org/AVG-963", "reference_id": "AVG-963", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-963" }, { "reference_url": "https://security.archlinux.org/AVG-964", "reference_id": "AVG-964", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-964" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-5436.html", "reference_id": "CVE-2019-5436.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-5436.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4633", "reference_id": "dsa-4633", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4633" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "https://support.f5.com/csp/article/K55133295", "reference_id": "K55133295", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://support.f5.com/csp/article/K55133295" }, { "reference_url": "https://support.f5.com/csp/article/K55133295?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K55133295?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://support.f5.com/csp/article/K55133295?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190606-0004/", "reference_id": "ntap-20190606-0004", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190606-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1020", "reference_id": "RHSA-2020:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1792", "reference_id": "RHSA-2020:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2505", "reference_id": "RHSA-2020:2505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2505" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/", "reference_id": "SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/" }, { "reference_url": "https://usn.ubuntu.com/3993-1/", "reference_id": "USN-3993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-1/" }, { "reference_url": "https://usn.ubuntu.com/3993-2/", "reference_id": "USN-3993-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341966?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-5436" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnr9-9qa9-vfab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61056?format=api", "vulnerability_id": "VCID-bu5q-p482-kbd2", "summary": "curl: HTTP authentication leak in redirects", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03854", "scoring_system": "epss", "scoring_elements": "0.88402", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000007.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", "reference_id": "1537125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125" }, { "reference_url": "https://security.archlinux.org/ASA-201801-20", "reference_id": "ASA-201801-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-20" }, { "reference_url": "https://security.archlinux.org/ASA-201801-22", "reference_id": "ASA-201801-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-22" }, { "reference_url": "https://security.archlinux.org/ASA-201801-23", "reference_id": "ASA-201801-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-23" }, { "reference_url": "https://security.archlinux.org/ASA-201801-24", "reference_id": "ASA-201801-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-24" }, { "reference_url": "https://security.archlinux.org/ASA-201801-25", "reference_id": "ASA-201801-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-25" }, { "reference_url": "https://security.archlinux.org/ASA-201801-26", "reference_id": "ASA-201801-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-26" }, { "reference_url": "https://security.archlinux.org/AVG-593", "reference_id": "AVG-593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-593" }, { "reference_url": "https://security.archlinux.org/AVG-594", "reference_id": "AVG-594", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-594" }, { "reference_url": "https://security.archlinux.org/AVG-595", "reference_id": "AVG-595", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-595" }, { "reference_url": "https://security.archlinux.org/AVG-596", "reference_id": "AVG-596", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-596" }, { "reference_url": "https://security.archlinux.org/AVG-597", "reference_id": "AVG-597", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-597" }, { "reference_url": "https://security.archlinux.org/AVG-598", "reference_id": "AVG-598", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-598" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" }, { "reference_url": "https://usn.ubuntu.com/3554-1/", "reference_id": "USN-3554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-1/" }, { "reference_url": "https://usn.ubuntu.com/3554-2/", "reference_id": "USN-3554-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341962?format=api", "purl": "pkg:deb/debian/curl@7.58.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.58.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000007" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bu5q-p482-kbd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79695?format=api", "vulnerability_id": "VCID-bx9n-tnec-xyd1", "summary": "curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59669", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1605" }, { "reference_url": "https://curl.se/docs/CVE-2003-1605.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2003-1605.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1605" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341923?format=api", "purl": "pkg:deb/debian/curl@7.10.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.10.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-1605" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bx9n-tnec-xyd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67277?format=api", "vulnerability_id": "VCID-bzpr-8cw4-zkd6", "summary": "curl: host name out of boundary memory access", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3144.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3144.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01191", "scoring_system": "epss", "scoring_elements": "0.79147", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3144" }, { "reference_url": "https://curl.se/docs/CVE-2015-3144.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3144.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213335", "reference_id": "1213335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213335" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341948?format=api", "purl": "pkg:deb/debian/curl@7.42.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.42.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3144" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzpr-8cw4-zkd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25979?format=api", "vulnerability_id": "VCID-c7r3-5s6m-5ua1", "summary": "libcurl: Buffer Overflow in libcurl via zlib Integer Overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69765", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0725" }, { "reference_url": "https://curl.se/docs/CVE-2025-0725.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/" } ], "url": "https://curl.se/docs/CVE-2025-0725.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2956023", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/" } ], "url": "https://hackerone.com/reports/2956023" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343899", "reference_id": "2343899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343899" }, { "reference_url": "https://curl.se/docs/CVE-2025-0725.json", "reference_id": "CVE-2025-0725.json", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/" } ], "url": "https://curl.se/docs/CVE-2025-0725.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342010?format=api", "purl": "pkg:deb/debian/curl@8.12.0%2Bgit20250209.89ed161%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.12.0%252Bgit20250209.89ed161%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0725" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c7r3-5s6m-5ua1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21401?format=api", "vulnerability_id": "VCID-c88v-yygy-sbf4", "summary": "curl: libcurl: WebSocket endless loop", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5399.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65652", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5399" }, { "reference_url": "https://curl.se/docs/CVE-2025-5399.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T13:20:18Z/" } ], "url": "https://curl.se/docs/CVE-2025-5399.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3168039", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T13:20:18Z/" } ], "url": "https://hackerone.com/reports/3168039" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370920", "reference_id": "2370920", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370920" }, { "reference_url": "https://security.archlinux.org/ASA-202506-2", "reference_id": "ASA-202506-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202506-2" }, { "reference_url": "https://security.archlinux.org/AVG-2895", "reference_id": "AVG-2895", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2895" }, { "reference_url": "https://curl.se/docs/CVE-2025-5399.json", "reference_id": "CVE-2025-5399.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T13:20:18Z/" } ], "url": "https://curl.se/docs/CVE-2025-5399.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342020?format=api", "purl": "pkg:deb/debian/curl@8.14.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5399" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c88v-yygy-sbf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44959?format=api", "vulnerability_id": "VCID-cczp-jbr5-j3g1", "summary": "curl: Metalink download sends credentials", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21011", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22923" }, { "reference_url": "https://curl.se/docs/CVE-2021-22923.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22923.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1213181", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://hackerone.com/reports/1213181" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981438", "reference_id": "1981438", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981438" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3582", "reference_id": "RHSA-2021:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3903", "reference_id": "RHSA-2021:3903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3903" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341971?format=api", "purl": "pkg:deb/debian/curl@7.79.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.79.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22923" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cczp-jbr5-j3g1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45258?format=api", "vulnerability_id": "VCID-cgpy-5qpn-dkb8", "summary": "curl: Cipher settings shared for all connections when using schannel TLS backed", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00791", "scoring_system": "epss", "scoring_elements": "0.74198", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22897" }, { "reference_url": "https://curl.se/docs/CVE-2021-22897.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://curl.se/docs/CVE-2021-22897.html" }, { "reference_url": "https://hackerone.com/reports/1172857", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://hackerone.com/reports/1172857" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964904", "reference_id": "1964904", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964904" }, { "reference_url": "https://security.archlinux.org/AVG-2016", "reference_id": "AVG-2016", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2016" }, { "reference_url": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511", "reference_id": "bbb71507b7bab52002f9b1e0880bed6a32834511", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210727-0007/", "reference_id": "ntap-20210727-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22897" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgpy-5qpn-dkb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55793?format=api", "vulnerability_id": "VCID-d1pj-eqmw-9ya1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03078", "scoring_system": "epss", "scoring_elements": "0.86989", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619" }, { "reference_url": "https://curl.se/docs/CVE-2016-8619.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8619.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379", "reference_id": "1388379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8619" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1pj-eqmw-9ya1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67278?format=api", "vulnerability_id": "VCID-dcuk-131b-pbgp", "summary": "curl: cookie parser out of boundary memory access", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3145.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3145.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.67994", "scoring_system": "epss", "scoring_elements": "0.98611", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3145" }, { "reference_url": "https://curl.se/docs/CVE-2015-3145.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3145.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213347", "reference_id": "1213347", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213347" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341948?format=api", "purl": "pkg:deb/debian/curl@7.42.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.42.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3145" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcuk-131b-pbgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69295?format=api", "vulnerability_id": "VCID-ddky-6vbe-nqc8", "summary": "curl: TLS/SSL certificate name check disabled with peer verification", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4545.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58264", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4545" }, { "reference_url": "https://curl.se/docs/CVE-2013-4545.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-4545.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1029159", "reference_id": "1029159", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1029159" }, { "reference_url": "https://usn.ubuntu.com/2048-1/", "reference_id": "USN-2048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341941?format=api", "purl": "pkg:deb/debian/curl@7.33.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.33.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-4545" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddky-6vbe-nqc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89893?format=api", "vulnerability_id": "VCID-ddtt-b7y9-ubgn", "summary": "curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03073", "scoring_system": "epss", "scoring_elements": "0.86977", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1263" }, { "reference_url": "https://curl.se/docs/CVE-2014-1263.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-1263.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1263" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddtt-b7y9-ubgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52362?format=api", "vulnerability_id": "VCID-dmkg-yeua-uffn", "summary": "curl: double free due to subsequent call of realloc()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03612", "scoring_system": "epss", "scoring_elements": "0.87983", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5481" }, { "reference_url": "https://curl.se/docs/CVE-2019-5481.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5481.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/686823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/686823" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749402", "reference_id": "1749402", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749402" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/36", "reference_id": "36", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://seclists.org/bugtraq/2020/Feb/36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/", "reference_id": "6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940009", "reference_id": "940009", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940009" }, { "reference_url": "https://security.archlinux.org/AVG-1982", "reference_id": "AVG-1982", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1982" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-5481.html", "reference_id": "CVE-2019-5481.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-5481.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4633", "reference_id": "dsa-4633", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4633" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html", "reference_id": "msg00048.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html", "reference_id": "msg00055.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0003/", "reference_id": "ntap-20191004-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20191004-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/", "reference_id": "RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0250", "reference_id": "RHSA-2020:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1792", "reference_id": "RHSA-2020:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1792" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/", "reference_id": "UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/" }, { "reference_url": "https://usn.ubuntu.com/4129-1/", "reference_id": "USN-4129-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341967?format=api", "purl": "pkg:deb/debian/curl@7.66.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.66.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-5481" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmkg-yeua-uffn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18223?format=api", "vulnerability_id": "VCID-dt8a-u3bz-c3bp", "summary": "curl: libcurl: Curl out of bounds read for cookie path", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9086.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9086.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9086", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27654", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9086" }, { "reference_url": "https://curl.se/docs/CVE-2025-9086.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:15:47Z/" } ], "url": "https://curl.se/docs/CVE-2025-9086.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3294999", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:15:47Z/" } ], "url": "https://hackerone.com/reports/3294999" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750", "reference_id": "2394750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750" }, { "reference_url": "https://curl.se/docs/CVE-2025-9086.json", "reference_id": "CVE-2025-9086.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:15:47Z/" } ], "url": "https://curl.se/docs/CVE-2025-9086.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23043", "reference_id": "RHSA-2025:23043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23125", "reference_id": "RHSA-2025:23125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23126", "reference_id": "RHSA-2025:23126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23127", "reference_id": "RHSA-2025:23127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23383", "reference_id": "RHSA-2025:23383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1350", "reference_id": "RHSA-2026:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1477", "reference_id": "RHSA-2026:1477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1825", "reference_id": "RHSA-2026:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342012?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342021?format=api", "purl": "pkg:deb/debian/curl@8.16.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.16.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-9086" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dt8a-u3bz-c3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41976?format=api", "vulnerability_id": "VCID-dvru-kxex-aqfa", "summary": "curl: FTP-KRB bad message verification", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36649", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32208" }, { "reference_url": "https://curl.se/docs/CVE-2022-32208.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32208.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1590071", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://hackerone.com/reports/1590071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099306", "reference_id": "2099306", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099306" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6157", "reference_id": "RHSA-2022:6157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6159", "reference_id": "RHSA-2022:6159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" }, { "reference_url": "https://usn.ubuntu.com/5499-1/", "reference_id": "USN-5499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341975?format=api", "purl": "pkg:deb/debian/curl@7.84.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.84.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-32208" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvru-kxex-aqfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40785?format=api", "vulnerability_id": "VCID-e1rm-18vc-rkc2", "summary": "curl: HSTS bypass via IDN", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15169", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42916" }, { "reference_url": "https://curl.se/docs/CVE-2022-42916.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://curl.se/docs/CVE-2022-42916.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42916" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1730660", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1730660" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/12/21/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/12/21/1" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135416", "reference_id": "2135416", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135416" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/", "reference_id": "37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/", "reference_id": "HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0010/", "reference_id": "ntap-20221209-0010", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0010/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/", "reference_id": "Q27V5YYMXUVI6PRZQVECON32XPVWTKDK", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341976?format=api", "purl": "pkg:deb/debian/curl@7.86.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-42916" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1rm-18vc-rkc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55200?format=api", "vulnerability_id": "VCID-e2km-m1ta-6kes", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9594", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.72194", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9594" }, { "reference_url": "https://curl.se/docs/CVE-2016-9594.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9594.html" }, { "reference_url": "http://www.securitytracker.com/id/1037528", "reference_id": "1037528", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "http://www.securitytracker.com/id/1037528" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408385", "reference_id": "1408385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408385" }, { "reference_url": "http://www.securityfocus.com/bid/95094", "reference_id": "95094", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "http://www.securityfocus.com/bid/95094" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161223.html", "reference_id": "adv_20161223.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161223.html" }, { "reference_url": "https://security.archlinux.org/ASA-201612-22", "reference_id": "ASA-201612-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-22" }, { "reference_url": "https://security.archlinux.org/ASA-201701-10", "reference_id": "ASA-201701-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-10" }, { "reference_url": "https://security.archlinux.org/ASA-201701-11", "reference_id": "ASA-201701-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-11" }, { "reference_url": "https://security.archlinux.org/ASA-201701-7", "reference_id": "ASA-201701-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-7" }, { "reference_url": "https://security.archlinux.org/ASA-201701-8", "reference_id": "ASA-201701-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-8" }, { "reference_url": "https://security.archlinux.org/ASA-201701-9", "reference_id": "ASA-201701-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-9" }, { "reference_url": "https://security.archlinux.org/AVG-112", "reference_id": "AVG-112", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-112" }, { "reference_url": "https://security.archlinux.org/AVG-113", "reference_id": "AVG-113", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-113" }, { "reference_url": "https://security.archlinux.org/AVG-114", "reference_id": "AVG-114", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-114" }, { "reference_url": "https://security.archlinux.org/AVG-115", "reference_id": "AVG-115", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-115" }, { "reference_url": "https://security.archlinux.org/AVG-116", "reference_id": "AVG-116", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-116" }, { "reference_url": "https://security.archlinux.org/AVG-117", "reference_id": "AVG-117", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-117" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594", "reference_id": "show_bug.cgi?id=CVE-2016-9594", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594" }, { "reference_url": "https://www.tenable.com/security/tns-2017-04", "reference_id": "tns-2017-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://www.tenable.com/security/tns-2017-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9594" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2km-m1ta-6kes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30401?format=api", "vulnerability_id": "VCID-e5g7-wsrp-ybfh", "summary": "curl: freeing stack buffer in utf8asn1str", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6197.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01302", "scoring_system": "epss", "scoring_elements": "0.80055", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6197" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/24/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/24/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996", "reference_id": "1076996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299653", "reference_id": "2299653", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299653" }, { "reference_url": "https://hackerone.com/reports/2559516", "reference_id": "2559516", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "https://hackerone.com/reports/2559516" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/24/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/24/5" }, { "reference_url": "https://curl.se/docs/CVE-2024-6197.html", "reference_id": "CVE-2024-6197.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2024-6197.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-6197.json", "reference_id": "CVE-2024-6197.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2024-6197.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342001?format=api", "purl": "pkg:deb/debian/curl@8.9.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.9.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6197" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e5g7-wsrp-ybfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89899?format=api", "vulnerability_id": "VCID-e66v-z214-5kdt", "summary": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01096", "scoring_system": "epss", "scoring_elements": "0.78288", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9953" }, { "reference_url": "https://curl.se/docs/CVE-2016-9953.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9953.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9953" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e66v-z214-5kdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55284?format=api", "vulnerability_id": "VCID-e6s1-4q8v-yfdp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.70284", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000100" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000100.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000100.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.5", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:P/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/100286", "reference_id": "100286", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/" } ], "url": "http://www.securityfocus.com/bid/100286" }, { "reference_url": "http://www.securitytracker.com/id/1039118", "reference_id": "1039118", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/" } ], "url": "http://www.securitytracker.com/id/1039118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478310", "reference_id": "1478310", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478310" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555", "reference_id": "871555", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555" }, { "reference_url": "https://curl.haxx.se/docs/adv_20170809B.html", "reference_id": "adv_20170809B.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/" } ], "url": "https://curl.haxx.se/docs/adv_20170809B.html" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3992", "reference_id": "dsa-3992", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3992" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/" } ], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://support.apple.com/HT208221", "reference_id": "HT208221", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/" } ], "url": "https://support.apple.com/HT208221" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341955?format=api", "purl": "pkg:deb/debian/curl@7.55.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.55.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000100" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6s1-4q8v-yfdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39119?format=api", "vulnerability_id": "VCID-eh7z-2y2q-efbc", "summary": "curl: FTP too eager connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11251", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27535" }, { "reference_url": "https://curl.se/docs/CVE-2023-27535.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27535.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1892780", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://hackerone.com/reports/1892780" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179073", "reference_id": "2179073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179073" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535", "reference_id": "CVE-2023-27535", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2650", "reference_id": "RHSA-2023:2650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3106", "reference_id": "RHSA-2023:3106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341984?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341983?format=api", "purl": "pkg:deb/debian/curl@7.88.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-27535" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eh7z-2y2q-efbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34179?format=api", "vulnerability_id": "VCID-ehmp-5g2e-eqfk", "summary": "curl: HTTP/2 push headers memory-leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02015", "scoring_system": "epss", "scoring_elements": "0.84019", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498", "reference_id": "2270498", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498" }, { "reference_url": "https://hackerone.com/reports/2402845", "reference_id": "2402845", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://hackerone.com/reports/2402845" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/", "reference_id": "2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/3" }, { "reference_url": "https://curl.se/docs/CVE-2024-2398.html", "reference_id": "CVE-2024-2398.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://curl.se/docs/CVE-2024-2398.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-2398.json", "reference_id": "CVE-2024-2398.json", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://curl.se/docs/CVE-2024-2398.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/", "reference_id": "GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240503-0009/", "reference_id": "ntap-20240503-0009", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240503-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3998", "reference_id": "RHSA-2024:3998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5529", "reference_id": "RHSA-2024:5529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5654", "reference_id": "RHSA-2024:5654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://usn.ubuntu.com/6718-1/", "reference_id": "USN-6718-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-1/" }, { "reference_url": "https://usn.ubuntu.com/6718-2/", "reference_id": "USN-6718-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-2/" }, { "reference_url": "https://usn.ubuntu.com/6718-3/", "reference_id": "USN-6718-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342000?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341998?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341999?format=api", "purl": "pkg:deb/debian/curl@8.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2398" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ehmp-5g2e-eqfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42385?format=api", "vulnerability_id": "VCID-ejxm-x6yh-duam", "summary": "curl: TLS and SSH connection too eager reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27782.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27782.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64822", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27782" }, { "reference_url": "https://curl.se/docs/CVE-2022-27782.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27782.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1555796", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://hackerone.com/reports/1555796" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082215", "reference_id": "2082215", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082215" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/03/20/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/03/20/6" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0009/", "reference_id": "ntap-20220609-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27782" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ejxm-x6yh-duam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34186?format=api", "vulnerability_id": "VCID-epuf-rc75-7bg3", "summary": "curl: QUIC certificate check bypass with wolfSSL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2379.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2379.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.4261", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/2" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270499", "reference_id": "2270499", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270499" }, { "reference_url": "https://hackerone.com/reports/2410774", "reference_id": "2410774", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "https://hackerone.com/reports/2410774" }, { "reference_url": "https://curl.se/docs/CVE-2024-2379.html", "reference_id": "CVE-2024-2379.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "https://curl.se/docs/CVE-2024-2379.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-2379.json", "reference_id": "CVE-2024-2379.json", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "https://curl.se/docs/CVE-2024-2379.json" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240531-0001/", "reference_id": "ntap-20240531-0001", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240531-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341999?format=api", "purl": "pkg:deb/debian/curl@8.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2379" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-epuf-rc75-7bg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54983?format=api", "vulnerability_id": "VCID-estk-jscu-67cg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57357", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16839" }, { "reference_url": "https://curl.se/docs/CVE-2018-16839.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16839.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1042012", "reference_id": "1042012", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "http://www.securitytracker.com/id/1042012" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642201", "reference_id": "1642201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642201" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "3805-1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://usn.ubuntu.com/3805-1/" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201811-7", "reference_id": "ASA-201811-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-7" }, { "reference_url": "https://security.archlinux.org/ASA-201811-8", "reference_id": "ASA-201811-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-8" }, { "reference_url": "https://security.archlinux.org/ASA-201811-9", "reference_id": "ASA-201811-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-9" }, { "reference_url": "https://security.archlinux.org/AVG-796", "reference_id": "AVG-796", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-796" }, { "reference_url": "https://security.archlinux.org/AVG-797", "reference_id": "AVG-797", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-797" }, { "reference_url": "https://security.archlinux.org/AVG-798", "reference_id": "AVG-798", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-798" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16839.html", "reference_id": "CVE-2018-16839.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16839.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4331", "reference_id": "dsa-4331", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4331" }, { "reference_url": "https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5", "reference_id": "f3a24d7916b9173c69a3e0ee790102993833d6c5", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839", "reference_id": "show_bug.cgi?id=CVE-2018-16839", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341964?format=api", "purl": "pkg:deb/debian/curl@7.62.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.62.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16839" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-estk-jscu-67cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21584?format=api", "vulnerability_id": "VCID-eu8a-mzse-zfhy", "summary": "curl: libcurl: QUIC Certificate Pinning Bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5025.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19095", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5025" }, { "reference_url": "https://curl.se/docs/CVE-2025-5025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T16:19:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-5025.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3153497", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T16:19:34Z/" } ], "url": "https://hackerone.com/reports/3153497" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368888", "reference_id": "2368888", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368888" }, { "reference_url": "https://security.archlinux.org/AVG-2887", "reference_id": "AVG-2887", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2887" }, { "reference_url": "https://curl.se/docs/CVE-2025-5025.json", "reference_id": "CVE-2025-5025.json", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T16:19:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-5025.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342019?format=api", "purl": "pkg:deb/debian/curl@8.14.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5025" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eu8a-mzse-zfhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56358?format=api", "vulnerability_id": "VCID-f23g-nbn2-6bac", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01171", "scoring_system": "epss", "scoring_elements": "0.78987", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8623" }, { "reference_url": "https://curl.se/docs/CVE-2016-8623.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8623.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388388", "reference_id": "1388388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388388" }, { "reference_url": "http://www.securityfocus.com/bid/94106", "reference_id": "94106", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "http://www.securityfocus.com/bid/94106" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102I.html", "reference_id": "adv_20161102I.html", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102I.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://curl.haxx.se/CVE-2016-8623.patch", "reference_id": "CVE-2016-8623.patch", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://curl.haxx.se/CVE-2016-8623.patch" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623", "reference_id": "show_bug.cgi?id=CVE-2016-8623", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8623" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f23g-nbn2-6bac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42595?format=api", "vulnerability_id": "VCID-f8uz-dv1e-kkab", "summary": "curl: bad local IPv6 connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35609", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27775" }, { "reference_url": "https://curl.se/docs/CVE-2022-27775.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27775.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1546268", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:32:36Z/" } ], "url": "https://hackerone.com/reports/1546268" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010253", "reference_id": "1010253", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010253" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078388", "reference_id": "2078388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078388" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:32:36Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:32:36Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:32:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8299", "reference_id": "RHSA-2022:8299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8299" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341973?format=api", "purl": "pkg:deb/debian/curl@7.83.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27775" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8uz-dv1e-kkab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58415?format=api", "vulnerability_id": "VCID-fbr5-4t5f-bkaz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01549", "scoring_system": "epss", "scoring_elements": "0.8171", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8625" }, { "reference_url": "https://curl.se/docs/CVE-2016-8625.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8625.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388392", "reference_id": "1388392", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388392" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8625" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbr5-4t5f-bkaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8126?format=api", "vulnerability_id": "VCID-fdqn-e8uu-j3hx", "summary": "curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3805.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3805.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09116", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3805" }, { "reference_url": "https://curl.se/docs/CVE-2026-3805.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:45:10Z/" } ], "url": "https://curl.se/docs/CVE-2026-3805.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3591944", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:45:10Z/" } ], "url": "https://hackerone.com/reports/3591944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446451", "reference_id": "2446451", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446451" }, { "reference_url": "https://curl.se/docs/CVE-2026-3805.json", "reference_id": "CVE-2026-3805.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:45:10Z/" } ], "url": "https://curl.se/docs/CVE-2026-3805.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342023?format=api", "purl": "pkg:deb/debian/curl@8.19.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.19.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-3805" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fdqn-e8uu-j3hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42383?format=api", "vulnerability_id": "VCID-fqsr-v5rs-4ygc", "summary": "curl: CERTINFO never-ending busy-loop", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27781.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27781.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23073", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27781" }, { "reference_url": "https://curl.se/docs/CVE-2022-27781.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27781.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1555441", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://hackerone.com/reports/1555441" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082204", "reference_id": "2082204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082204" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0009/", "reference_id": "ntap-20220609-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" }, { "reference_url": "https://usn.ubuntu.com/5499-1/", "reference_id": "USN-5499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27781" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqsr-v5rs-4ygc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40216?format=api", "vulnerability_id": "VCID-frj4-zf2v-87g2", "summary": "curl: HSTS bypass via IDN", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15613", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43551" }, { "reference_url": "https://curl.se/docs/CVE-2022-43551.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-43551.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1755083", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/" } ], "url": "https://hackerone.com/reports/1755083" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026829", "reference_id": "1026829", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026829" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639", "reference_id": "2152639", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0007/", "reference_id": "ntap-20230427-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/", "reference_id": "TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/" }, { "reference_url": "https://usn.ubuntu.com/5788-1/", "reference_id": "USN-5788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5788-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341980?format=api", "purl": "pkg:deb/debian/curl@7.86.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-43551" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-frj4-zf2v-87g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45577?format=api", "vulnerability_id": "VCID-ftpd-hkjh-6udf", "summary": "curl: Leak of authentication credentials in URL via automatic Referer", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29911", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876" }, { "reference_url": "https://curl.se/docs/CVE-2021-22876.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1101882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://hackerone.com/reports/1101882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964", "reference_id": "1941964", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/", "reference_id": "2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269", "reference_id": "986269", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269" }, { "reference_url": "https://security.archlinux.org/AVG-1753", "reference_id": "AVG-1753", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1753" }, { "reference_url": "https://security.archlinux.org/AVG-1754", "reference_id": "AVG-1754", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1754" }, { "reference_url": "https://security.archlinux.org/AVG-1755", "reference_id": "AVG-1755", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1755" }, { "reference_url": "https://security.archlinux.org/AVG-1756", "reference_id": "AVG-1756", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1756" }, { "reference_url": "https://security.archlinux.org/AVG-1757", "reference_id": "AVG-1757", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1757" }, { "reference_url": "https://security.archlinux.org/AVG-1758", "reference_id": "AVG-1758", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1758" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/", "reference_id": "ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/", "reference_id": "KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210521-0007/", "reference_id": "ntap-20210521-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://usn.ubuntu.com/4898-1/", "reference_id": "USN-4898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4898-1/" }, { "reference_url": "https://usn.ubuntu.com/4903-1/", "reference_id": "USN-4903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341970?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22876" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ftpd-hkjh-6udf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59261?format=api", "vulnerability_id": "VCID-fvrp-ctdg-kqah", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01009", "scoring_system": "epss", "scoring_elements": "0.77381", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586" }, { "reference_url": "https://curl.se/docs/CVE-2016-9586.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9586.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037515", "reference_id": "1037515", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "http://www.securitytracker.com/id/1037515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712", "reference_id": "1406712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958", "reference_id": "848958", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958" }, { "reference_url": "http://www.securityfocus.com/bid/95019", "reference_id": "95019", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "http://www.securityfocus.com/bid/95019" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161221A.html", "reference_id": "adv_20161221A.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161221A.html" }, { "reference_url": "https://security.archlinux.org/ASA-201612-22", "reference_id": "ASA-201612-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-22" }, { "reference_url": "https://security.archlinux.org/ASA-201701-10", "reference_id": "ASA-201701-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-10" }, { "reference_url": "https://security.archlinux.org/ASA-201701-11", "reference_id": "ASA-201701-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-11" }, { "reference_url": "https://security.archlinux.org/ASA-201701-7", "reference_id": "ASA-201701-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-7" }, { "reference_url": "https://security.archlinux.org/ASA-201701-8", "reference_id": "ASA-201701-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-8" }, { "reference_url": "https://security.archlinux.org/ASA-201701-9", "reference_id": "ASA-201701-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-9" }, { "reference_url": "https://security.archlinux.org/AVG-112", "reference_id": "AVG-112", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-112" }, { "reference_url": "https://security.archlinux.org/AVG-113", "reference_id": "AVG-113", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-113" }, { "reference_url": "https://security.archlinux.org/AVG-114", "reference_id": "AVG-114", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-114" }, { "reference_url": "https://security.archlinux.org/AVG-115", "reference_id": "AVG-115", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-115" }, { "reference_url": "https://security.archlinux.org/AVG-116", "reference_id": "AVG-116", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-116" }, { "reference_url": "https://security.archlinux.org/AVG-117", "reference_id": "AVG-117", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-117" }, { "reference_url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16", "reference_id": "curl-7_51_0-162-g3ab3c16", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586", "reference_id": "show_bug.cgi?id=CVE-2016-9586", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341954?format=api", "purl": "pkg:deb/debian/curl@7.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9586" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvrp-ctdg-kqah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55715?format=api", "vulnerability_id": "VCID-fz2p-bn31-2yha", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58774", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000005" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000005.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536013", "reference_id": "1536013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536013" }, { "reference_url": "https://security.archlinux.org/ASA-201801-20", "reference_id": "ASA-201801-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-20" }, { "reference_url": "https://security.archlinux.org/ASA-201801-22", "reference_id": "ASA-201801-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-22" }, { "reference_url": "https://security.archlinux.org/ASA-201801-23", "reference_id": "ASA-201801-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-23" }, { "reference_url": "https://security.archlinux.org/ASA-201801-24", "reference_id": "ASA-201801-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-24" }, { "reference_url": "https://security.archlinux.org/ASA-201801-25", "reference_id": "ASA-201801-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-25" }, { "reference_url": "https://security.archlinux.org/ASA-201801-26", "reference_id": "ASA-201801-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-26" }, { "reference_url": "https://security.archlinux.org/AVG-593", "reference_id": "AVG-593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-593" }, { "reference_url": "https://security.archlinux.org/AVG-594", "reference_id": "AVG-594", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-594" }, { "reference_url": "https://security.archlinux.org/AVG-595", "reference_id": "AVG-595", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-595" }, { "reference_url": "https://security.archlinux.org/AVG-596", "reference_id": "AVG-596", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-596" }, { "reference_url": "https://security.archlinux.org/AVG-597", "reference_id": "AVG-597", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-597" }, { "reference_url": "https://security.archlinux.org/AVG-598", "reference_id": "AVG-598", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-598" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" }, { "reference_url": "https://usn.ubuntu.com/3554-1/", "reference_id": "USN-3554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341962?format=api", "purl": "pkg:deb/debian/curl@7.58.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.58.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000005" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fz2p-bn31-2yha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74111?format=api", "vulnerability_id": "VCID-g3rz-vtae-h3cw", "summary": "curl: incorrect verification of SSL certificate with NUL in name", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2417.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0733", "scoring_system": "epss", "scoring_elements": "0.91809", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2417" }, { "reference_url": "https://curl.se/docs/CVE-2009-2417.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2009-2417.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516181", "reference_id": "516181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516181" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541991", "reference_id": "541991", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541991" }, { "reference_url": "https://security.gentoo.org/glsa/200909-20", "reference_id": "GLSA-200909-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1209", "reference_id": "RHSA-2009:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1209" }, { "reference_url": "https://usn.ubuntu.com/1158-1/", "reference_id": "USN-1158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1158-1/" }, { "reference_url": "https://usn.ubuntu.com/818-1/", "reference_id": "USN-818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/818-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341933?format=api", "purl": "pkg:deb/debian/curl@7.19.5-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.19.5-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2417" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g3rz-vtae-h3cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21586?format=api", "vulnerability_id": "VCID-g6cd-5nuc-73bx", "summary": "libcurl: curl: QUIC certificate check skip with wolfSSL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22697", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4947" }, { "reference_url": "https://curl.se/docs/CVE-2025-4947.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:57:59Z/" } ], "url": "https://curl.se/docs/CVE-2025-4947.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3150884", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:57:59Z/" } ], "url": "https://hackerone.com/reports/3150884" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368887", "reference_id": "2368887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368887" }, { "reference_url": "https://security.archlinux.org/AVG-2887", "reference_id": "AVG-2887", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2887" }, { "reference_url": "https://curl.se/docs/CVE-2025-4947.json", "reference_id": "CVE-2025-4947.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:57:59Z/" } ], "url": "https://curl.se/docs/CVE-2025-4947.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342019?format=api", "purl": "pkg:deb/debian/curl@8.14.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4947" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g6cd-5nuc-73bx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80152?format=api", "vulnerability_id": "VCID-gg9j-f99e-qfgn", "summary": "Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-1061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03827", "scoring_system": "epss", "scoring_elements": "0.88331", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-1061" }, { "reference_url": "https://curl.se/docs/CVE-2006-1061.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2006-1061.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1061" }, { "reference_url": "https://security.gentoo.org/glsa/200603-19", "reference_id": "GLSA-200603-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200603-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341930?format=api", "purl": "pkg:deb/debian/curl@7.15.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.15.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-1061" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gg9j-f99e-qfgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59165?format=api", "vulnerability_id": "VCID-gme9-9d93-8bgk", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0138.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76414", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0138" }, { "reference_url": "https://curl.se/docs/CVE-2014-0138.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-0138.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079148", "reference_id": "1079148", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079148" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728", "reference_id": "742728", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728" }, { "reference_url": "https://security.gentoo.org/glsa/201406-21", "reference_id": "GLSA-201406-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0561", "reference_id": "RHSA-2014:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0561" }, { "reference_url": "https://usn.ubuntu.com/2167-1/", "reference_id": "USN-2167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2167-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341944?format=api", "purl": "pkg:deb/debian/curl@7.36.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.36.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0138" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gme9-9d93-8bgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5982?format=api", "vulnerability_id": "VCID-guzm-25ur-qkgz", "summary": "curl: libcurl: Credential leak via reused proxy connection during HTTP redirects", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0622", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461205", "reference_id": "2461205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461205" }, { "reference_url": "https://hackerone.com/reports/3677759", "reference_id": "3677759", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/" } ], "url": "https://hackerone.com/reports/3677759" }, { "reference_url": "https://curl.se/docs/CVE-2026-6429.html", "reference_id": "CVE-2026-6429.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/" } ], "url": "https://curl.se/docs/CVE-2026-6429.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-6429.json", "reference_id": "CVE-2026-6429.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/" } ], "url": "https://curl.se/docs/CVE-2026-6429.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342025?format=api", "purl": "pkg:deb/debian/curl@8.20.0~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6429" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-guzm-25ur-qkgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47894?format=api", "vulnerability_id": "VCID-h4ad-94qh-ufhy", "summary": "curl: Incorrect argument check can allow remote servers to overwrite local files", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0544", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8177" }, { "reference_url": "https://curl.se/docs/CVE-2020-8177.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/" } ], "url": "https://curl.se/docs/CVE-2020-8177.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/887462", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/" } ], "url": "https://hackerone.com/reports/887462" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847915", "reference_id": "1847915", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847915" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281", "reference_id": "965281", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281" }, { "reference_url": "https://security.archlinux.org/AVG-1194", "reference_id": "AVG-1194", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1194" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202007-16", "reference_id": "GLSA-202007-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4599", "reference_id": "RHSA-2020:4599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5002", "reference_id": "RHSA-2020:5002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5417", "reference_id": "RHSA-2020:5417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4402-1/", "reference_id": "USN-4402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4402-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341968?format=api", "purl": "pkg:deb/debian/curl@7.72.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.72.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8177" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h4ad-94qh-ufhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42592?format=api", "vulnerability_id": "VCID-h6tz-3ztg-byhr", "summary": "curl: credential leak on redirect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54801", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774" }, { "reference_url": "https://curl.se/docs/CVE-2022-27774.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27774.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1543773", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://hackerone.com/reports/1543773" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254", "reference_id": "1010254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547", "reference_id": "2077547", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341973?format=api", "purl": "pkg:deb/debian/curl@7.83.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27774" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6tz-3ztg-byhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53384?format=api", "vulnerability_id": "VCID-h83c-eud2-p7br", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5435.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5435.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37254", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5435" }, { "reference_url": "https://curl.se/docs/CVE-2019-5435.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5435.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435" }, { "reference_url": "https://hackerone.com/reports/547630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/547630" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609", "reference_id": "1710609", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929352", "reference_id": "929352", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929352" }, { "reference_url": "https://security.archlinux.org/ASA-201905-13", "reference_id": "ASA-201905-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-13" }, { "reference_url": "https://security.archlinux.org/ASA-201905-14", "reference_id": "ASA-201905-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-14" }, { "reference_url": "https://security.archlinux.org/ASA-201905-15", "reference_id": "ASA-201905-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-15" }, { "reference_url": "https://security.archlinux.org/AVG-961", "reference_id": "AVG-961", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-961" }, { "reference_url": "https://security.archlinux.org/AVG-962", "reference_id": "AVG-962", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-962" }, { "reference_url": "https://security.archlinux.org/AVG-963", "reference_id": "AVG-963", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-963" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4383", "reference_id": "RHSA-2020:4383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4384", "reference_id": "RHSA-2020:4384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "reference_url": "https://usn.ubuntu.com/3993-1/", "reference_id": "USN-3993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341966?format=api", "purl": "pkg:deb/debian/curl@7.64.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-5435" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h83c-eud2-p7br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69958?format=api", "vulnerability_id": "VCID-hg7c-ydk3-7ybq", "summary": "curl: Cookie domain suffix match vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02482", "scoring_system": "epss", "scoring_elements": "0.85537", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1944" }, { "reference_url": "https://curl.se/docs/CVE-2013-1944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-1944.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274", "reference_id": "705274", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=950577", "reference_id": "950577", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=950577" }, { "reference_url": "https://security.gentoo.org/glsa/201401-14", "reference_id": "GLSA-201401-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0771", "reference_id": "RHSA-2013:0771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0771" }, { "reference_url": "https://usn.ubuntu.com/1801-1/", "reference_id": "USN-1801-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1801-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341939?format=api", "purl": "pkg:deb/debian/curl@7.29.0-2.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.29.0-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1944" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hg7c-ydk3-7ybq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69181?format=api", "vulnerability_id": "VCID-hk4n-peps-yuck", "summary": "curl: TLS/SSL certificate name check disabled with peer verification when using GnuTLS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6422.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48825", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6422" }, { "reference_url": "https://curl.se/docs/CVE-2013-6422.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-6422.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1037918", "reference_id": "1037918", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1037918" }, { "reference_url": "https://security.gentoo.org/glsa/201401-14", "reference_id": "GLSA-201401-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-14" }, { "reference_url": "https://usn.ubuntu.com/2058-1/", "reference_id": "USN-2058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341942?format=api", "purl": "pkg:deb/debian/curl@7.34.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.34.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-6422" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hk4n-peps-yuck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60012?format=api", "vulnerability_id": "VCID-hpqq-n6y2-suf3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.641", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8816" }, { "reference_url": "https://curl.se/docs/CVE-2017-8816.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8816.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101998", "reference_id": "101998", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/" } ], "url": "http://www.securityfocus.com/bid/101998" }, { "reference_url": "http://www.securitytracker.com/id/1039896", "reference_id": "1039896", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/" } ], "url": "http://www.securitytracker.com/id/1039896" }, { "reference_url": "http://www.securitytracker.com/id/1040608", "reference_id": "1040608", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/" } ], "url": "http://www.securitytracker.com/id/1040608" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515757", "reference_id": "1515757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515757" }, { "reference_url": "https://curl.haxx.se/docs/adv_2017-12e7.html", "reference_id": "adv_2017-12e7.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/" } ], "url": "https://curl.haxx.se/docs/adv_2017-12e7.html" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-527", "reference_id": "AVG-527", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-527" }, { "reference_url": "https://security.archlinux.org/AVG-528", "reference_id": "AVG-528", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-528" }, { "reference_url": "https://security.archlinux.org/AVG-529", "reference_id": "AVG-529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-529" }, { "reference_url": "http://security.cucumberlinux.com/security/details.php?id=161", "reference_id": "details.php?id=161", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/" } ], "url": "http://security.cucumberlinux.com/security/details.php?id=161" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4051", "reference_id": "dsa-4051", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4051" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/" } ], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3498-1/", "reference_id": "USN-3498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341960?format=api", "purl": "pkg:deb/debian/curl@7.57.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.57.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-8816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hpqq-n6y2-suf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42381?format=api", "vulnerability_id": "VCID-hsjj-6vfn-4ugt", "summary": "curl: cookie for trailing dot TLD", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27779.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27779.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27779", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47158", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27779" }, { "reference_url": "https://curl.se/docs/CVE-2022-27779.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27779.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1553301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1553301" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082202", "reference_id": "2082202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082202" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27779" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hsjj-6vfn-4ugt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74671?format=api", "vulnerability_id": "VCID-jeet-9rt6-vygh", "summary": "curl: local file access via unsafe redirects", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09919", "scoring_system": "epss", "scoring_elements": "0.9314", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0037" }, { "reference_url": "https://curl.se/docs/CVE-2009-0037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2009-0037.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=485271", "reference_id": "485271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485271" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423", "reference_id": "518423", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt", "reference_id": "CVE-2009-0037;OSVDB-53572", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt" }, { "reference_url": "https://www.securityfocus.com/bid/33962/info", "reference_id": "CVE-2009-0037;OSVDB-53572", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/33962/info" }, { "reference_url": "https://security.gentoo.org/glsa/200903-21", "reference_id": "GLSA-200903-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200903-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0341", "reference_id": "RHSA-2009:0341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0341" }, { "reference_url": "https://usn.ubuntu.com/726-1/", "reference_id": "USN-726-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/726-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341932?format=api", "purl": "pkg:deb/debian/curl@7.18.2-8.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.18.2-8.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0037" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jeet-9rt6-vygh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44562?format=api", "vulnerability_id": "VCID-jj7m-un1g-8uan", "summary": "curl: Server responses received before STARTTLS processed after TLS handshake", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48823", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22947" }, { "reference_url": "https://curl.se/docs/CVE-2021-22947.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22947.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1334763", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://hackerone.com/reports/1334763" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003191", "reference_id": "2003191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003191" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Mar/29", "reference_id": "29", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", "reference_id": "APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213183", "reference_id": "HT213183", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://support.apple.com/kb/HT213183" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211029-0003/", "reference_id": "ntap-20211029-0003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4059", "reference_id": "RHSA-2021:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0635", "reference_id": "RHSA-2022:0635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", "reference_id": "RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" }, { "reference_url": "https://usn.ubuntu.com/5079-2/", "reference_id": "USN-5079-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341971?format=api", "purl": "pkg:deb/debian/curl@7.79.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.79.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22947" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jj7m-un1g-8uan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53205?format=api", "vulnerability_id": "VCID-jtdd-1117-5qfz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2629.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.5874", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2629" }, { "reference_url": "https://curl.se/docs/CVE-2017-2629.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-2629.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425746", "reference_id": "1425746", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425746" }, { "reference_url": "https://security.archlinux.org/ASA-201703-1", "reference_id": "ASA-201703-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-1" }, { "reference_url": "https://security.archlinux.org/AVG-179", "reference_id": "AVG-179", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-179" }, { "reference_url": "https://security.archlinux.org/AVG-180", "reference_id": "AVG-180", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-180" }, { "reference_url": "https://security.archlinux.org/AVG-181", "reference_id": "AVG-181", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-181" }, { "reference_url": "https://security.archlinux.org/AVG-182", "reference_id": "AVG-182", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-182" }, { "reference_url": "https://security.archlinux.org/AVG-183", "reference_id": "AVG-183", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-183" }, { "reference_url": "https://security.archlinux.org/AVG-184", "reference_id": "AVG-184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-184" }, { "reference_url": "https://security.gentoo.org/glsa/201703-04", "reference_id": "GLSA-201703-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201703-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341957?format=api", "purl": "pkg:deb/debian/curl@7.52.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-2629" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtdd-1117-5qfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44961?format=api", "vulnerability_id": "VCID-jukq-4rsf-f7hb", "summary": "curl: Bad connection reuse due to flawed path name checks", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.7337", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22924" }, { "reference_url": "https://curl.se/docs/CVE-2021-22924.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22924.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1223565", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://hackerone.com/reports/1223565" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981460", "reference_id": "1981460", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981460" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492", "reference_id": "991492", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/ASA-202107-60", "reference_id": "ASA-202107-60", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-60" }, { "reference_url": "https://security.archlinux.org/ASA-202107-61", "reference_id": "ASA-202107-61", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-61" }, { "reference_url": "https://security.archlinux.org/ASA-202107-62", "reference_id": "ASA-202107-62", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-62" }, { "reference_url": "https://security.archlinux.org/ASA-202107-63", "reference_id": "ASA-202107-63", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-63" }, { "reference_url": "https://security.archlinux.org/ASA-202107-64", "reference_id": "ASA-202107-64", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-64" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://security.archlinux.org/AVG-2195", "reference_id": "AVG-2195", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2195" }, { "reference_url": "https://security.archlinux.org/AVG-2196", "reference_id": "AVG-2196", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2196" }, { "reference_url": "https://security.archlinux.org/AVG-2197", "reference_id": "AVG-2197", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2197" }, { "reference_url": "https://security.archlinux.org/AVG-2198", "reference_id": "AVG-2198", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2198" }, { "reference_url": "https://security.archlinux.org/AVG-2199", "reference_id": "AVG-2199", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2199" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924", "reference_id": "CVE-2021-22924", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3582", "reference_id": "RHSA-2021:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "reference_id": "ssa-484086.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf", "reference_id": "ssa-732250.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341971?format=api", "purl": "pkg:deb/debian/curl@7.79.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.79.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22924" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jukq-4rsf-f7hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39126?format=api", "vulnerability_id": "VCID-k232-kks1-hygq", "summary": "curl: SSH connection too eager reuse still", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01704", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27538" }, { "reference_url": "https://curl.se/docs/CVE-2023-27538.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27538.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1898475", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://hackerone.com/reports/1898475" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179103", "reference_id": "2179103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179103" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538", "reference_id": "CVE-2023-27538", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341984?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341983?format=api", "purl": "pkg:deb/debian/curl@7.88.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-27538" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k232-kks1-hygq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5044?format=api", "vulnerability_id": "VCID-k93r-eqgb-fqgq", "summary": "curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23395", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7168" }, { "reference_url": "https://curl.se/docs/CVE-2026-7168.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2026-7168.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3697719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/3697719" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476979", "reference_id": "2476979", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19106", "reference_id": "RHSA-2026:19106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19106" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342026?format=api", "purl": "pkg:deb/debian/curl@8.20.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-7168" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k93r-eqgb-fqgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30094?format=api", "vulnerability_id": "VCID-kmd7-ntaa-ffcv", "summary": "curl: libcurl: ASN.1 date parser overread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.74283", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/31/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656", "reference_id": "1077656", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "reference_id": "2301888", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888" }, { "reference_url": "https://hackerone.com/reports/2629968", "reference_id": "2629968", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://hackerone.com/reports/2629968" }, { "reference_url": "https://curl.se/docs/CVE-2024-7264.html", "reference_id": "CVE-2024-7264.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://curl.se/docs/CVE-2024-7264.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-7264.json", "reference_id": "CVE-2024-7264.json", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://curl.se/docs/CVE-2024-7264.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7726", "reference_id": "RHSA-2024:7726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://usn.ubuntu.com/6944-1/", "reference_id": "USN-6944-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6944-1/" }, { "reference_url": "https://usn.ubuntu.com/6944-2/", "reference_id": "USN-6944-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6944-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342002?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342003?format=api", "purl": "pkg:deb/debian/curl@8.9.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.9.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-7264" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kmd7-ntaa-ffcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8896?format=api", "vulnerability_id": "VCID-kmgp-mppy-5ygb", "summary": "wcurl: wcurl: Arbitrary file placement via crafted URLs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11563.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11563.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05862", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11563" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442571", "reference_id": "2442571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442571" }, { "reference_url": "https://curl.se/docs/CVE-2025-11563.html", "reference_id": "CVE-2025-11563.html", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T18:53:51Z/" } ], "url": "https://curl.se/docs/CVE-2025-11563.html" }, { "reference_url": "https://curl.se/docs/CVE-2025-11563.json", "reference_id": "CVE-2025-11563.json", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T18:53:51Z/" } ], "url": "https://curl.se/docs/CVE-2025-11563.json" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342015?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342014?format=api", "purl": "pkg:deb/debian/curl@8.17.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.17.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-11563" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kmgp-mppy-5ygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5980?format=api", "vulnerability_id": "VCID-ku14-1pmr-pbbd", "summary": "curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6276.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6276.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6276", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02096", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6276" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461203", "reference_id": "2461203", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461203" }, { "reference_url": "https://hackerone.com/reports/3671818", "reference_id": "3671818", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:24:29Z/" } ], "url": "https://hackerone.com/reports/3671818" }, { "reference_url": "https://curl.se/docs/CVE-2026-6276.html", "reference_id": "CVE-2026-6276.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:24:29Z/" } ], "url": "https://curl.se/docs/CVE-2026-6276.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-6276.json", "reference_id": "CVE-2026-6276.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:24:29Z/" } ], "url": "https://curl.se/docs/CVE-2026-6276.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342025?format=api", "purl": "pkg:deb/debian/curl@8.20.0~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6276" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ku14-1pmr-pbbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42382?format=api", "vulnerability_id": "VCID-kudb-x77h-1ud4", "summary": "curl: percent-encoded path separator in URL host", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27780.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27780.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27780", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36381", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27780" }, { "reference_url": "https://curl.se/docs/CVE-2022-27780.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27780.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1553841", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T20:10:43Z/" } ], "url": "https://hackerone.com/reports/1553841" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082203", "reference_id": "2082203", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082203" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T20:10:43Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0009/", "reference_id": "ntap-20220609-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T20:10:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27780" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kudb-x77h-1ud4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65431?format=api", "vulnerability_id": "VCID-m3hp-gvpn-4kea", "summary": "curl: TLS certificate name check bypass with mbedTLS and PolarSSL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3739.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.7801", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3739" }, { "reference_url": "https://curl.se/docs/CVE-2016-3739.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-3739.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335430", "reference_id": "1335430", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335430" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341952?format=api", "purl": "pkg:deb/debian/curl@7.50.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.50.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-3739" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3hp-gvpn-4kea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34175?format=api", "vulnerability_id": "VCID-mgx1-3ku7-sffc", "summary": "curl: TLS certificate check bypass with mbedTLS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2466.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2466.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35157", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2466" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270497", "reference_id": "2270497", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270497" }, { "reference_url": "https://hackerone.com/reports/2416725", "reference_id": "2416725", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://hackerone.com/reports/2416725" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/4" }, { "reference_url": "https://curl.se/docs/CVE-2024-2466.html", "reference_id": "CVE-2024-2466.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://curl.se/docs/CVE-2024-2466.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-2466.json", "reference_id": "CVE-2024-2466.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://curl.se/docs/CVE-2024-2466.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240503-0010/", "reference_id": "ntap-20240503-0010", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240503-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341999?format=api", "purl": "pkg:deb/debian/curl@8.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2466" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgx1-3ku7-sffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89896?format=api", "vulnerability_id": "VCID-mr15-byak-dfhx", "summary": "Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01628", "scoring_system": "epss", "scoring_elements": "0.82178", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4606" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4606" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mr15-byak-dfhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39124?format=api", "vulnerability_id": "VCID-mse9-j9av-t7bh", "summary": "curl: HSTS double-free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21861", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27537" }, { "reference_url": "https://curl.se/docs/CVE-2023-27537.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27537.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1897203", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1897203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179097", "reference_id": "2179097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179097" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537", "reference_id": "CVE-2023-27537", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341983?format=api", "purl": "pkg:deb/debian/curl@7.88.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-27537" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mse9-j9av-t7bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67086?format=api", "vulnerability_id": "VCID-mw8z-vyq4-5kf3", "summary": "curl: SMB send off unrelated memory contents", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3237.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05127", "scoring_system": "epss", "scoring_elements": "0.89995", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3237" }, { "reference_url": "https://curl.se/docs/CVE-2015-3237.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3237.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233814", "reference_id": "1233814", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233814" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341950?format=api", "purl": "pkg:deb/debian/curl@7.43.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.43.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3237" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mw8z-vyq4-5kf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35554?format=api", "vulnerability_id": "VCID-mz1c-c4b2-j7gy", "summary": "curl: OCSP verification bypass with TLS session reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40295", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262097", "reference_id": "2262097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262097" }, { "reference_url": "https://hackerone.com/reports/2298922", "reference_id": "2298922", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://hackerone.com/reports/2298922" }, { "reference_url": "https://curl.se/docs/CVE-2024-0853.html", "reference_id": "CVE-2024-0853.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://curl.se/docs/CVE-2024-0853.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-0853.json", "reference_id": "CVE-2024-0853.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://curl.se/docs/CVE-2024-0853.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0004/", "reference_id": "ntap-20240307-0004", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0004/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0009/", "reference_id": "ntap-20240426-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240503-0012/", "reference_id": "ntap-20240503-0012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240503-0012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341995?format=api", "purl": "pkg:deb/debian/curl@8.6.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.6.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0853" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mz1c-c4b2-j7gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44561?format=api", "vulnerability_id": "VCID-n38z-qhum-ffgs", "summary": "curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19731", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22946" }, { "reference_url": "https://curl.se/docs/CVE-2021-22946.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22946.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1334111", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://hackerone.com/reports/1334111" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589", "reference_id": "1017589", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003175", "reference_id": "2003175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003175" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Mar/29", "reference_id": "29", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", "reference_id": "APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213183", "reference_id": "HT213183", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://support.apple.com/kb/HT213183" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211029-0003/", "reference_id": "ntap-20211029-0003", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0008/", "reference_id": "ntap-20220121-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4059", "reference_id": "RHSA-2021:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0635", "reference_id": "RHSA-2022:0635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", "reference_id": "RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" }, { "reference_url": "https://usn.ubuntu.com/5079-2/", "reference_id": "USN-5079-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341971?format=api", "purl": "pkg:deb/debian/curl@7.79.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.79.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22946" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n38z-qhum-ffgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18221?format=api", "vulnerability_id": "VCID-ncpq-4ws5-eyh2", "summary": "curl: predictable WebSocket mask", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10148.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10148.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44539", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10148" }, { "reference_url": "https://curl.se/docs/CVE-2025-10148.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:16:46Z/" } ], "url": "https://curl.se/docs/CVE-2025-10148.html" }, { "reference_url": "https://hackerone.com/reports/3330839", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:16:46Z/" } ], "url": "https://hackerone.com/reports/3330839" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394749", "reference_id": "2394749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394749" }, { "reference_url": "https://curl.se/docs/CVE-2025-10148.json", "reference_id": "CVE-2025-10148.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:16:46Z/" } ], "url": "https://curl.se/docs/CVE-2025-10148.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342012?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342011?format=api", "purl": "pkg:deb/debian/curl@8.16.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.16.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-10148" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncpq-4ws5-eyh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58041?format=api", "vulnerability_id": "VCID-ngrp-9xg2-g7cw", "summary": "curl: NTLM password overflow via integer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65982", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14618" }, { "reference_url": "https://curl.se/docs/CVE-2018-14618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-14618.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1041605", "reference_id": "1041605", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "http://www.securitytracker.com/id/1041605" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622707", "reference_id": "1622707", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622707" }, { "reference_url": "https://usn.ubuntu.com/3765-1/", "reference_id": "3765-1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://usn.ubuntu.com/3765-1/" }, { "reference_url": "https://usn.ubuntu.com/3765-2/", "reference_id": "3765-2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://usn.ubuntu.com/3765-2/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327", "reference_id": "908327", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-14618.html", "reference_id": "CVE-2018-14618.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4286", "reference_id": "dsa-4286", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4286" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1880", "reference_id": "RHSA-2019:1880", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1880" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618", "reference_id": "show_bug.cgi?id=CVE-2018-14618", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014", "reference_id": "SNWLID-2018-0014", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341964?format=api", "purl": "pkg:deb/debian/curl@7.62.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.62.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-14618" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngrp-9xg2-g7cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38502?format=api", "vulnerability_id": "VCID-nhst-thye-guh2", "summary": "curl: use after free in SSH sha256 fingerprint check", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28319.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28319.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28319", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55314", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28319" }, { "reference_url": "https://curl.se/docs/CVE-2023-28319.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28319.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1913733", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://hackerone.com/reports/1913733" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196778", "reference_id": "2196778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196778" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341985?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28319" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhst-thye-guh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55654?format=api", "vulnerability_id": "VCID-njfg-99cj-cfh4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0139.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0139.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0167", "scoring_system": "epss", "scoring_elements": "0.8243", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0139" }, { "reference_url": "https://curl.se/docs/CVE-2014-0139.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-0139.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079149", "reference_id": "1079149", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079149" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728", "reference_id": "742728", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728" }, { "reference_url": "https://security.gentoo.org/glsa/201406-21", "reference_id": "GLSA-201406-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-21" }, { "reference_url": "https://usn.ubuntu.com/2167-1/", "reference_id": "USN-2167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2167-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341944?format=api", "purl": "pkg:deb/debian/curl@7.36.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.36.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0139" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njfg-99cj-cfh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39433?format=api", "vulnerability_id": "VCID-nmwe-9bw8-2ud1", "summary": "curl: HSTS ignored on multiple requests", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23914.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23914.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29202", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23914" }, { "reference_url": "https://curl.se/docs/CVE-2023-23914.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-23914.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1813864", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/" } ], "url": "https://hackerone.com/reports/1813864" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371", "reference_id": "1031371", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797", "reference_id": "2167797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230309-0006/", "reference_id": "ntap-20230309-0006", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://usn.ubuntu.com/5891-1/", "reference_id": "USN-5891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341981?format=api", "purl": "pkg:deb/debian/curl@7.88.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-23914" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmwe-9bw8-2ud1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54421?format=api", "vulnerability_id": "VCID-nqds-umrs-37dd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0500.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0500.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01242", "scoring_system": "epss", "scoring_elements": "0.79575", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0500" }, { "reference_url": "https://curl.se/docs/CVE-2018-0500.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-0500.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597101", "reference_id": "1597101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597101" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546", "reference_id": "903546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546" }, { "reference_url": "https://security.archlinux.org/ASA-201807-10", "reference_id": "ASA-201807-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-10" }, { "reference_url": "https://security.archlinux.org/ASA-201807-5", "reference_id": "ASA-201807-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-5" }, { "reference_url": "https://security.archlinux.org/ASA-201807-6", "reference_id": "ASA-201807-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-6" }, { "reference_url": "https://security.archlinux.org/ASA-201807-7", "reference_id": "ASA-201807-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-7" }, { "reference_url": "https://security.archlinux.org/ASA-201807-8", "reference_id": "ASA-201807-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-8" }, { "reference_url": "https://security.archlinux.org/ASA-201807-9", "reference_id": "ASA-201807-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-9" }, { "reference_url": "https://security.archlinux.org/AVG-729", "reference_id": "AVG-729", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-729" }, { "reference_url": "https://security.archlinux.org/AVG-730", "reference_id": "AVG-730", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-730" }, { "reference_url": "https://security.archlinux.org/AVG-731", "reference_id": "AVG-731", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-731" }, { "reference_url": "https://security.archlinux.org/AVG-732", "reference_id": "AVG-732", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-732" }, { "reference_url": "https://security.archlinux.org/AVG-733", "reference_id": "AVG-733", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-733" }, { "reference_url": "https://security.archlinux.org/AVG-734", "reference_id": "AVG-734", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-734" }, { "reference_url": "https://security.gentoo.org/glsa/201807-04", "reference_id": "GLSA-201807-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201807-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/3710-1/", "reference_id": "USN-3710-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3710-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341961?format=api", "purl": "pkg:deb/debian/curl@7.61.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.61.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-0500" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqds-umrs-37dd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56774?format=api", "vulnerability_id": "VCID-ntp8-1uak-t7gp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000300.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000300.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00926", "scoring_system": "epss", "scoring_elements": "0.76372", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000300" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000300.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000300.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575533", "reference_id": "1575533", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575533" }, { "reference_url": "https://security.archlinux.org/ASA-201805-13", "reference_id": "ASA-201805-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-13" }, { "reference_url": "https://security.archlinux.org/ASA-201805-14", "reference_id": "ASA-201805-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-14" }, { "reference_url": "https://security.archlinux.org/ASA-201805-15", "reference_id": "ASA-201805-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-15" }, { "reference_url": "https://security.archlinux.org/ASA-201805-16", "reference_id": "ASA-201805-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-16" }, { "reference_url": "https://security.archlinux.org/ASA-201805-17", "reference_id": "ASA-201805-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-17" }, { "reference_url": "https://security.archlinux.org/ASA-201805-18", "reference_id": "ASA-201805-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-18" }, { "reference_url": "https://security.archlinux.org/AVG-694", "reference_id": "AVG-694", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-694" }, { "reference_url": "https://security.archlinux.org/AVG-695", "reference_id": "AVG-695", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-695" }, { "reference_url": "https://security.archlinux.org/AVG-696", "reference_id": "AVG-696", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-696" }, { "reference_url": "https://security.archlinux.org/AVG-697", "reference_id": "AVG-697", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-697" }, { "reference_url": "https://security.archlinux.org/AVG-698", "reference_id": "AVG-698", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-698" }, { "reference_url": "https://security.archlinux.org/AVG-699", "reference_id": "AVG-699", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-699" }, { "reference_url": "https://security.gentoo.org/glsa/201806-05", "reference_id": "GLSA-201806-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201806-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341963?format=api", "purl": "pkg:deb/debian/curl@7.60.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.60.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000300" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntp8-1uak-t7gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46273?format=api", "vulnerability_id": "VCID-nuef-bv37-hfaz", "summary": "curl: FTP PASV command response can cause curl to connect to arbitrary host", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27993", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284" }, { "reference_url": "https://curl.se/docs/CVE-2020-8284.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1040166", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://hackerone.com/reports/1040166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667", "reference_id": "1902667", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163", "reference_id": "977163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" }, { "reference_url": "https://usn.ubuntu.com/4665-2/", "reference_id": "USN-4665-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341969?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8284" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuef-bv37-hfaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47895?format=api", "vulnerability_id": "VCID-nwfb-k7dk-w3bs", "summary": "libcurl: partial password leak over DNS on HTTP redirect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24213", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8169" }, { "reference_url": "https://curl.se/docs/CVE-2020-8169.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8169.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/874778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/874778" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847916", "reference_id": "1847916", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847916" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280", "reference_id": "965280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280" }, { "reference_url": "https://security.archlinux.org/AVG-1194", "reference_id": "AVG-1194", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1194" }, { "reference_url": "https://security.gentoo.org/glsa/202007-16", "reference_id": "GLSA-202007-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4402-1/", "reference_id": "USN-4402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4402-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341968?format=api", "purl": "pkg:deb/debian/curl@7.72.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.72.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8169" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwfb-k7dk-w3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41971?format=api", "vulnerability_id": "VCID-p2p1-bs19-53hd", "summary": "curl: Set-Cookie denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32205.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32205.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02247", "scoring_system": "epss", "scoring_elements": "0.84844", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32205" }, { "reference_url": "https://curl.se/docs/CVE-2022-32205.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32205.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1569946", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://hackerone.com/reports/1569946" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099296", "reference_id": "2099296", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099296" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2771", "reference_id": "AVG-2771", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2771" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341975?format=api", "purl": "pkg:deb/debian/curl@7.84.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.84.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-32205" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2p1-bs19-53hd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41975?format=api", "vulnerability_id": "VCID-p6hr-p4dr-cyh7", "summary": "curl: Unpreserved file permissions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46313", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32207" }, { "reference_url": "https://curl.se/docs/CVE-2022-32207.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32207.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1573634", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://hackerone.com/reports/1573634" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099305", "reference_id": "2099305", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099305" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6157", "reference_id": "RHSA-2022:6157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341975?format=api", "purl": "pkg:deb/debian/curl@7.84.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.84.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-32207" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p6hr-p4dr-cyh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66047?format=api", "vulnerability_id": "VCID-p9gw-tfvj-xfb7", "summary": "curl: NTLM credentials not-checked for proxy connection re-use", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57447", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0755" }, { "reference_url": "https://curl.se/docs/CVE-2016-0755.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-0755.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302263", "reference_id": "1302263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302263" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/2882-1/", "reference_id": "USN-2882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341951?format=api", "purl": "pkg:deb/debian/curl@7.47.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.47.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0755" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p9gw-tfvj-xfb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73489?format=api", "vulnerability_id": "VCID-pgqj-25tn-akf3", "summary": "curl: zlib-compression causes curl to pass more than CURL_MAX_WRITE_SIZE bytes to write callback", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0734.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0548", "scoring_system": "epss", "scoring_elements": "0.90344", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0734" }, { "reference_url": "https://curl.se/docs/CVE-2010-0734.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2010-0734.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=563220", "reference_id": "563220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=563220" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0273", "reference_id": "RHSA-2010:0273", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0273" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0329", "reference_id": "RHSA-2010:0329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0329" }, { "reference_url": "https://usn.ubuntu.com/1158-1/", "reference_id": "USN-1158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1158-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341934?format=api", "purl": "pkg:deb/debian/curl@7.20.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.20.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0734" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pgqj-25tn-akf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52369?format=api", "vulnerability_id": "VCID-pru2-7vs6-ryf4", "summary": "curl: heap buffer overflow in function tftp_receive_packet()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5482", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09715", "scoring_system": "epss", "scoring_elements": "0.93059", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5482" }, { "reference_url": "https://curl.se/docs/CVE-2019-5482.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5482.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/684603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/684603" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749652", "reference_id": "1749652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749652" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/36", "reference_id": "36", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://seclists.org/bugtraq/2020/Feb/36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/", "reference_id": "6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010", "reference_id": "940010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010" }, { "reference_url": "https://security.archlinux.org/AVG-1982", "reference_id": "AVG-1982", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1982" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-5482.html", "reference_id": "CVE-2019-5482.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-5482.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4633", "reference_id": "dsa-4633", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4633" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html", "reference_id": "msg00048.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html", "reference_id": "msg00055.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0003/", "reference_id": "ntap-20191004-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20191004-0003/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200416-0003/", "reference_id": "ntap-20200416-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200416-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/", "reference_id": "RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0250", "reference_id": "RHSA-2020:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1792", "reference_id": "RHSA-2020:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3916", "reference_id": "RHSA-2020:3916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0759", "reference_id": "RHSA-2021:0759", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0759" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0877", "reference_id": "RHSA-2021:0877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1027", "reference_id": "RHSA-2021:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1027" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/", "reference_id": "UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/" }, { "reference_url": "https://usn.ubuntu.com/4129-1/", "reference_id": "USN-4129-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-1/" }, { "reference_url": "https://usn.ubuntu.com/4129-2/", "reference_id": "USN-4129-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341967?format=api", "purl": "pkg:deb/debian/curl@7.66.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.66.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-5482" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pru2-7vs6-ryf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38505?format=api", "vulnerability_id": "VCID-ptdk-wtvg-zkaw", "summary": "curl: IDN wildcard match may lead to Improper Cerificate Validation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53255", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28321" }, { "reference_url": "https://curl.se/docs/CVE-2023-28321.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28321.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1950627", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://hackerone.com/reports/1950627" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786", "reference_id": "2196786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "reference_id": "F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4354", "reference_id": "RHSA-2023:4354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4523", "reference_id": "RHSA-2023:4523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5598", "reference_id": "RHSA-2023:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6292", "reference_id": "RHSA-2023:6292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6292" }, { "reference_url": "https://usn.ubuntu.com/6237-1/", "reference_id": "USN-6237-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-1/" }, { "reference_url": "https://usn.ubuntu.com/6237-3/", "reference_id": "USN-6237-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "reference_id": "Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341986?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341985?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28321" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptdk-wtvg-zkaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30402?format=api", "vulnerability_id": "VCID-q9s4-8jng-j7ht", "summary": "curl: macidn punycode buffer overread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0099", "scoring_system": "epss", "scoring_elements": "0.77174", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6874" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996", "reference_id": "1076996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/24/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/24/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299654", "reference_id": "2299654", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299654" }, { "reference_url": "https://hackerone.com/reports/2604391", "reference_id": "2604391", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "https://hackerone.com/reports/2604391" }, { "reference_url": "https://curl.se/docs/CVE-2024-6874.html", "reference_id": "CVE-2024-6874.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "https://curl.se/docs/CVE-2024-6874.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-6874.json", "reference_id": "CVE-2024-6874.json", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "https://curl.se/docs/CVE-2024-6874.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342001?format=api", "purl": "pkg:deb/debian/curl@8.9.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.9.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6874" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q9s4-8jng-j7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5981?format=api", "vulnerability_id": "VCID-qax6-9qcb-6yah", "summary": "curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11312", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461204", "reference_id": "2461204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461204" }, { "reference_url": "https://hackerone.com/reports/3642555", "reference_id": "3642555", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/" } ], "url": "https://hackerone.com/reports/3642555" }, { "reference_url": "https://curl.se/docs/CVE-2026-5545.html", "reference_id": "CVE-2026-5545.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/" } ], "url": "https://curl.se/docs/CVE-2026-5545.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-5545.json", "reference_id": "CVE-2026-5545.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/" } ], "url": "https://curl.se/docs/CVE-2026-5545.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342024?format=api", "purl": "pkg:deb/debian/curl@8.20.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-5545" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qax6-9qcb-6yah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67913?format=api", "vulnerability_id": "VCID-qc6p-1m1y-a3ar", "summary": "curl: URL request injection vulnerability in parseurlandfillconn()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.79432", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8150" }, { "reference_url": "https://curl.se/docs/CVE-2014-8150.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-8150.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692", "reference_id": "1178692", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2474-1/", "reference_id": "USN-2474-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2474-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341947?format=api", "purl": "pkg:deb/debian/curl@7.38.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8150" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qc6p-1m1y-a3ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54717?format=api", "vulnerability_id": "VCID-qkp2-se93-mka8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01147", "scoring_system": "epss", "scoring_elements": "0.78768", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890" }, { "reference_url": "https://curl.se/docs/CVE-2018-16890.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106947", "reference_id": "106947", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "http://www.securityfocus.com/bid/106947" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670252", "reference_id": "1670252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670252" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "3882-1", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16890.html", "reference_id": "CVE-2018-16890.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K03314397?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890", "reference_id": "show_bug.cgi?id=CVE-2018-16890", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341965?format=api", "purl": "pkg:deb/debian/curl@7.64.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16890" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkp2-se93-mka8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38504?format=api", "vulnerability_id": "VCID-qqyy-ejjy-zugp", "summary": "curl: siglongjmp race condition may lead to crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70928", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28320" }, { "reference_url": "https://curl.se/docs/CVE-2023-28320.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28320.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1929597", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://hackerone.com/reports/1929597" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196783", "reference_id": "2196783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196783" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341985?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28320" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqyy-ejjy-zugp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67279?format=api", "vulnerability_id": "VCID-qrrf-z64u-zkck", "summary": "curl: Negotiate not treated as connection-oriented", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01422", "scoring_system": "epss", "scoring_elements": "0.80909", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3148" }, { "reference_url": "https://curl.se/docs/CVE-2015-3148.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3148.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351", "reference_id": "1213351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341948?format=api", "purl": "pkg:deb/debian/curl@7.42.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.42.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3148" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrrf-z64u-zkck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12266?format=api", "vulnerability_id": "VCID-qteb-88n4-5ka7", "summary": "curl: libssh key passphrase bypass without agent set", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2694", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15224" }, { "reference_url": "https://curl.se/docs/CVE-2025-15224.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/" } ], "url": "https://curl.se/docs/CVE-2025-15224.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15224" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3480925", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/" } ], "url": "https://hackerone.com/reports/3480925" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426410", "reference_id": "2426410", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426410" }, { "reference_url": "https://curl.se/docs/CVE-2025-15224.json", "reference_id": "CVE-2025-15224.json", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/" } ], "url": "https://curl.se/docs/CVE-2025-15224.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" }, { "reference_url": "https://usn.ubuntu.com/8062-2/", "reference_id": "USN-8062-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342018?format=api", "purl": "pkg:deb/debian/curl@8.18.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-15224" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qteb-88n4-5ka7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55421?format=api", "vulnerability_id": "VCID-qxf1-m33c-3kbq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7141.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7141.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.67219", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7141" }, { "reference_url": "https://curl.se/docs/CVE-2016-7141.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-7141.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7141", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7141" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373229", "reference_id": "1373229", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373229" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836918", "reference_id": "836918", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836918" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7141" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxf1-m33c-3kbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76670?format=api", "vulnerability_id": "VCID-qze3-vubf-67ej", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3185.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04852", "scoring_system": "epss", "scoring_elements": "0.89701", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3185" }, { "reference_url": "https://curl.se/docs/CVE-2005-3185.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2005-3185.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617794", "reference_id": "1617794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617794" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333734", "reference_id": "333734", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333734" }, { "reference_url": "https://security.gentoo.org/glsa/200510-19", "reference_id": "GLSA-200510-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200510-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:807", "reference_id": "RHSA-2005:807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:812", "reference_id": "RHSA-2005:812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:812" }, { "reference_url": "https://usn.ubuntu.com/205-1/", "reference_id": "USN-205-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/205-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341928?format=api", "purl": "pkg:deb/debian/curl@7.15.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.15.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3185" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qze3-vubf-67ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27328?format=api", "vulnerability_id": "VCID-r1c8-6w99-kqgc", "summary": "curl: curl netrc password leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01399", "scoring_system": "epss", "scoring_elements": "0.80721", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11053" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682", "reference_id": "1089682", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "reference_id": "2331191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331191" }, { "reference_url": "https://hackerone.com/reports/2829063", "reference_id": "2829063", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/" } ], "url": "https://hackerone.com/reports/2829063" }, { "reference_url": "https://curl.se/docs/CVE-2024-11053.html", "reference_id": "CVE-2024-11053.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-11053.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-11053.json", "reference_id": "CVE-2024-11053.json", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-11053.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://usn.ubuntu.com/7162-1/", "reference_id": "USN-7162-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7162-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341996?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341997?format=api", "purl": "pkg:deb/debian/curl@8.11.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.11.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-11053" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1c8-6w99-kqgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12265?format=api", "vulnerability_id": "VCID-r4re-xx26-2kgm", "summary": "curl: Host verification bypass during SSH transfers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14927", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15079" }, { "reference_url": "https://curl.se/docs/CVE-2025-15079.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-15079.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3477116", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/" } ], "url": "https://hackerone.com/reports/3477116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426409", "reference_id": "2426409", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426409" }, { "reference_url": "https://curl.se/docs/CVE-2025-15079.json", "reference_id": "CVE-2025-15079.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-15079.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" }, { "reference_url": "https://usn.ubuntu.com/8062-2/", "reference_id": "USN-8062-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342017?format=api", "purl": "pkg:deb/debian/curl@8.18.0~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-15079" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r4re-xx26-2kgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45578?format=api", "vulnerability_id": "VCID-r9g6-71tv-byak", "summary": "curl: TLS 1.3 session ticket mix-up with HTTPS proxy host", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25837", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22890" }, { "reference_url": "https://curl.se/docs/CVE-2021-22890.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://curl.se/docs/CVE-2021-22890.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1129529", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://hackerone.com/reports/1129529" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941965", "reference_id": "1941965", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941965" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/", "reference_id": "2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270", "reference_id": "986270", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270" }, { "reference_url": "https://security.archlinux.org/AVG-1753", "reference_id": "AVG-1753", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1753" }, { "reference_url": "https://security.archlinux.org/AVG-1754", "reference_id": "AVG-1754", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1754" }, { "reference_url": "https://security.archlinux.org/AVG-1755", "reference_id": "AVG-1755", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1755" }, { "reference_url": "https://security.archlinux.org/AVG-1756", "reference_id": "AVG-1756", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1756" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/", "reference_id": "ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/", "reference_id": "KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210521-0007/", "reference_id": "ntap-20210521-0007", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4898-1/", "reference_id": "USN-4898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341970?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22890" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9g6-71tv-byak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60398?format=api", "vulnerability_id": "VCID-rkdx-swyp-n7a2", "summary": "curl: RTSP RTP buffer over-read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01639", "scoring_system": "epss", "scoring_elements": "0.82244", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000122" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000122.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000122.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553398", "reference_id": "1553398", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553398" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546", "reference_id": "893546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546" }, { "reference_url": "https://security.archlinux.org/ASA-201803-15", "reference_id": "ASA-201803-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-15" }, { "reference_url": "https://security.archlinux.org/ASA-201803-16", "reference_id": "ASA-201803-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-16" }, { "reference_url": "https://security.archlinux.org/ASA-201803-17", "reference_id": "ASA-201803-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-17" }, { "reference_url": "https://security.archlinux.org/ASA-201803-18", "reference_id": "ASA-201803-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-18" }, { "reference_url": "https://security.archlinux.org/ASA-201803-19", "reference_id": "ASA-201803-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-19" }, { "reference_url": "https://security.archlinux.org/ASA-201803-20", "reference_id": "ASA-201803-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-20" }, { "reference_url": "https://security.archlinux.org/AVG-653", "reference_id": "AVG-653", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-653" }, { "reference_url": "https://security.archlinux.org/AVG-654", "reference_id": "AVG-654", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-654" }, { "reference_url": "https://security.archlinux.org/AVG-655", "reference_id": "AVG-655", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-655" }, { "reference_url": "https://security.archlinux.org/AVG-656", "reference_id": "AVG-656", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-656" }, { "reference_url": "https://security.archlinux.org/AVG-660", "reference_id": "AVG-660", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-660" }, { "reference_url": "https://security.archlinux.org/AVG-661", "reference_id": "AVG-661", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-661" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341963?format=api", "purl": "pkg:deb/debian/curl@7.60.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.60.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000122" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkdx-swyp-n7a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56967?format=api", "vulnerability_id": "VCID-rxqn-hx8b-4ket", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02257", "scoring_system": "epss", "scoring_elements": "0.84873", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7167" }, { "reference_url": "https://curl.se/docs/CVE-2016-7167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-7167.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375906", "reference_id": "1375906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945", "reference_id": "837945", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945" }, { "reference_url": "https://security.archlinux.org/ASA-201609-18", "reference_id": "ASA-201609-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-18" }, { "reference_url": "https://security.archlinux.org/ASA-201609-19", "reference_id": "ASA-201609-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-19" }, { "reference_url": "https://security.archlinux.org/AVG-20", "reference_id": "AVG-20", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-20" }, { "reference_url": "https://security.archlinux.org/AVG-21", "reference_id": "AVG-21", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-21" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2016", "reference_id": "RHSA-2017:2016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7167" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxqn-hx8b-4ket" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36935?format=api", "vulnerability_id": "VCID-sd8m-enmc-muhn", "summary": "curl: heap based buffer overflow in the SOCKS5 proxy handshake", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26747", "scoring_system": "epss", "scoring_elements": "0.96434", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2187833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/2187833" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", "reference_id": "2241933", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/34", "reference_id": "34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/34" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/37" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/38", "reference_id": "38", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/38" }, { "reference_url": "https://security.archlinux.org/AVG-2845", "reference_id": "AVG-2845", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2845" }, { "reference_url": "https://security.archlinux.org/AVG-2846", "reference_id": "AVG-2846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2846" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", "reference_id": "CVE-2023-38545", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545" }, { "reference_url": "https://curl.se/docs/CVE-2023-38545.html", "reference_id": "CVE-2023-38545.HTML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://curl.se/docs/CVE-2023-38545.html" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://www.secpod.com/blog/high-severity-heap-buffer-overflow-vulnerability/", "reference_id": "high-severity-heap-buffer-overflow-vulnerability", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://www.secpod.com/blog/high-severity-heap-buffer-overflow-vulnerability/" }, { "reference_url": "https://support.apple.com/kb/HT214036", "reference_id": "HT214036", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214036" }, { "reference_url": "https://support.apple.com/kb/HT214057", "reference_id": "HT214057", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214057" }, { "reference_url": "https://support.apple.com/kb/HT214058", "reference_id": "HT214058", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214058" }, { "reference_url": "https://support.apple.com/kb/HT214063", "reference_id": "HT214063", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://support.apple.com/kb/HT214063" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0009/", "reference_id": "ntap-20231027-0009", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0005/", "reference_id": "ntap-20240201-0005", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0005/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/", "reference_id": "OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5700", "reference_id": "RHSA-2023:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5763", "reference_id": "RHSA-2023:5763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6745", "reference_id": "RHSA-2023:6745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0797", "reference_id": "RHSA-2024:0797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2011", "reference_id": "RHSA-2024:2011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2011" }, { "reference_url": "https://usn.ubuntu.com/6429-1/", "reference_id": "USN-6429-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-1/" }, { "reference_url": "https://usn.ubuntu.com/6429-3/", "reference_id": "USN-6429-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-3/" }, { "reference_url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868", "reference_id": "viewtopic.php?f=8&t=8868", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/" } ], "url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341990?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341989?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341991?format=api", "purl": "pkg:deb/debian/curl@8.3.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.3.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-38545" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sd8m-enmc-muhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68200?format=api", "vulnerability_id": "VCID-snt9-bpy7-pqhd", "summary": "curl: incorrect handle duplication after COPYPOSTFIELDS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3707", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45377", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3707" }, { "reference_url": "https://curl.se/docs/CVE-2014-3707.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-3707.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941", "reference_id": "1154941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2399-1/", "reference_id": "USN-2399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2399-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341946?format=api", "purl": "pkg:deb/debian/curl@7.38.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3707" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snt9-bpy7-pqhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40784?format=api", "vulnerability_id": "VCID-srgc-rxj3-6ydd", "summary": "curl: HTTP proxy double-free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42915.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42915.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64716", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42915" }, { "reference_url": "https://curl.se/docs/CVE-2022-42915.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://curl.se/docs/CVE-2022-42915.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1722065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1722065" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135413", "reference_id": "2135413", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135413" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/", "reference_id": "37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/", "reference_id": "HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0010/", "reference_id": "ntap-20221209-0010", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0010/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/", "reference_id": "Q27V5YYMXUVI6PRZQVECON32XPVWTKDK", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341976?format=api", "purl": "pkg:deb/debian/curl@7.86.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-42915" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-srgc-rxj3-6ydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8127?format=api", "vulnerability_id": "VCID-ss8u-8s2v-dkf4", "summary": "curl: curl: Unauthorized access due to improper HTTP proxy connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06899", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3784" }, { "reference_url": "https://curl.se/docs/CVE-2026-3784.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://curl.se/docs/CVE-2026-3784.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3584903", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://hackerone.com/reports/3584903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446449", "reference_id": "2446449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446449" }, { "reference_url": "https://curl.se/docs/CVE-2026-3784.json", "reference_id": "CVE-2026-3784.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://curl.se/docs/CVE-2026-3784.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" }, { "reference_url": "https://usn.ubuntu.com/8099-1/", "reference_id": "USN-8099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/342023?format=api", "purl": "pkg:deb/debian/curl@8.19.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.19.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-3784" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ss8u-8s2v-dkf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89898?format=api", "vulnerability_id": "VCID-suuf-58uw-xucs", "summary": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by \"*.com.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60825", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9952" }, { "reference_url": "https://curl.se/docs/CVE-2016-9952.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9952.html" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161221B.html", "reference_id": "adv_20161221B.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161221B.html" }, { "reference_url": "https://curl.haxx.se/CVE-2016-9952.patch", "reference_id": "CVE-2016-9952.patch", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/" } ], "url": "https://curl.haxx.se/CVE-2016-9952.patch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9952" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-suuf-58uw-xucs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67914?format=api", "vulnerability_id": "VCID-t49y-2csd-q7c9", "summary": "curl: certificate check bypass when built with DarwinSSL as TLS backend", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8151.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8151.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62464", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8151" }, { "reference_url": "https://curl.se/docs/CVE-2014-8151.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-8151.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178698", "reference_id": "1178698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178698" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8151" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t49y-2csd-q7c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53460?format=api", "vulnerability_id": "VCID-tcq7-bk2f-ekdh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42083", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407" }, { "reference_url": "https://curl.se/docs/CVE-2017-7407.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-7407.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:P/I:N/A:N" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190", "reference_id": "1439190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190" }, { "reference_url": "https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13", "reference_id": "1890d59905414ab84a35892b2e45833654aa5c13", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/" } ], "url": "https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500", "reference_id": "859500", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/" } ], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341958?format=api", "purl": "pkg:deb/debian/curl@7.52.1-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7407" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tcq7-bk2f-ekdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76621?format=api", "vulnerability_id": "VCID-tvwg-295p-c3c6", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4077.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4077.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-4077", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50254", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-4077" }, { "reference_url": "https://curl.se/docs/CVE-2005-4077.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2005-4077.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617850", "reference_id": "1617850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617850" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342339", "reference_id": "342339", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342339" }, { "reference_url": "https://security.gentoo.org/glsa/200512-09", "reference_id": "GLSA-200512-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200512-09" }, { "reference_url": "https://security.gentoo.org/glsa/200603-25", "reference_id": "GLSA-200603-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200603-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:875", "reference_id": "RHSA-2005:875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:875" }, { "reference_url": "https://usn.ubuntu.com/228-1/", "reference_id": "USN-228-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/228-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341929?format=api", "purl": "pkg:deb/debian/curl@7.15.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.15.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-4077" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvwg-295p-c3c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42380?format=api", "vulnerability_id": "VCID-tx73-4h2v-uyb4", "summary": "curl: removes wrong file on error", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00911", "scoring_system": "epss", "scoring_elements": "0.76158", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27778" }, { "reference_url": "https://curl.se/docs/CVE-2022-27778.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27778.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1553598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1553598" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082194", "reference_id": "2082194", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082194" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27778" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tx73-4h2v-uyb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39117?format=api", "vulnerability_id": "VCID-tzhd-pvxj-gqfy", "summary": "curl: SFTP path ~ resolving discrepancy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20088", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27534" }, { "reference_url": "https://curl.se/docs/CVE-2023-27534.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27534.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1892351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1892351" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069", "reference_id": "2179069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341984?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341983?format=api", "purl": "pkg:deb/debian/curl@7.88.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-27534" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzhd-pvxj-gqfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47125?format=api", "vulnerability_id": "VCID-u1yn-scjj-qkc8", "summary": "curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36546", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8231" }, { "reference_url": "https://curl.se/docs/CVE-2020-8231.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8231.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/948876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/948876" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868032", "reference_id": "1868032", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868032" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831", "reference_id": "968831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://usn.ubuntu.com/4466-1/", "reference_id": "USN-4466-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4466-1/" }, { "reference_url": "https://usn.ubuntu.com/4466-2/", "reference_id": "USN-4466-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4466-2/" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341968?format=api", "purl": "pkg:deb/debian/curl@7.72.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.72.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8231" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1yn-scjj-qkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70178?format=api", "vulnerability_id": "VCID-u884-fsbe-27h6", "summary": "curl: Stack-based buffer overflow when negotiating SASL DIGEST-MD5 authentication with IMAP, POP3 and SMTP protocols", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0249.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0249.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0249", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44202", "scoring_system": "epss", "scoring_elements": "0.97608", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0249" }, { "reference_url": "https://curl.se/docs/CVE-2013-0249.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-0249.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0249", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0249" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700002", "reference_id": "700002", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=906779", "reference_id": "906779", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906779" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24487.py", "reference_id": "CVE-2013-0249;OSVDB-89988", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24487.py" }, { "reference_url": "https://security.gentoo.org/glsa/201401-14", "reference_id": "GLSA-201401-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-14" }, { "reference_url": "https://usn.ubuntu.com/1721-1/", "reference_id": "USN-1721-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1721-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341938?format=api", "purl": "pkg:deb/debian/curl@7.29.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.29.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0249" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u884-fsbe-27h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34188?format=api", "vulnerability_id": "VCID-ujr4-yect-subh", "summary": "curl: Usage of disabled protocol", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0091", "scoring_system": "epss", "scoring_elements": "0.76152", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2004" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/1" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270500", "reference_id": "2270500", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270500" }, { "reference_url": "https://hackerone.com/reports/2384833", "reference_id": "2384833", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://hackerone.com/reports/2384833" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/", "reference_id": "2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/" }, { "reference_url": "https://curl.se/docs/CVE-2024-2004.html", "reference_id": "CVE-2024-2004.html", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-2004.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-2004.json", "reference_id": "CVE-2024-2004.json", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-2004.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/", "reference_id": "GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0006/", "reference_id": "ntap-20240524-0006", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" }, { "reference_url": "https://usn.ubuntu.com/6718-1/", "reference_id": "USN-6718-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-1/" }, { "reference_url": "https://usn.ubuntu.com/6718-3/", "reference_id": "USN-6718-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341998?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341999?format=api", "purl": "pkg:deb/debian/curl@8.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2004" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ujr4-yect-subh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53493?format=api", "vulnerability_id": "VCID-uq2h-5uqp-rfbg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5421.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5421.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01092", "scoring_system": "epss", "scoring_elements": "0.78249", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5421" }, { "reference_url": "https://curl.se/docs/CVE-2016-5421.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5421.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362199", "reference_id": "1362199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362199" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341952?format=api", "purl": "pkg:deb/debian/curl@7.50.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.50.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5421" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uq2h-5uqp-rfbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42596?format=api", "vulnerability_id": "VCID-uws8-s9se-nyay", "summary": "curl: auth/cookie leak on redirect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71949", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776" }, { "reference_url": "https://curl.se/docs/CVE-2022-27776.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27776.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1547048", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://hackerone.com/reports/1547048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252", "reference_id": "1010252", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408", "reference_id": "2078408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/", "reference_id": "7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/", "reference_id": "DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341973?format=api", "purl": "pkg:deb/debian/curl@7.83.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27776" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uws8-s9se-nyay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39435?format=api", "vulnerability_id": "VCID-v13d-ffaa-hyd9", "summary": "curl: HTTP multi-header compression denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20724", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23916" }, { "reference_url": "https://curl.se/docs/CVE-2023-23916.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-23916.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1826048", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://hackerone.com/reports/1826048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371", "reference_id": "1031371", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815", "reference_id": "2167815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/", "reference_id": "BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5365", "reference_id": "dsa-5365", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5365" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html", "reference_id": "msg00035.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230309-0006/", "reference_id": "ntap-20230309-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1140", "reference_id": "RHSA-2023:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1701", "reference_id": "RHSA-2023:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1842", "reference_id": "RHSA-2023:1842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3460", "reference_id": "RHSA-2023:3460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4139", "reference_id": "RHSA-2023:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4139" }, { "reference_url": "https://usn.ubuntu.com/5891-1/", "reference_id": "USN-5891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341982?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341981?format=api", "purl": "pkg:deb/debian/curl@7.88.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-23916" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v13d-ffaa-hyd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89894?format=api", "vulnerability_id": "VCID-v3w9-aq2q-6kdd", "summary": "curl and libcurl 7.27.0 through 7.35.0, when running on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47942", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2522" }, { "reference_url": "https://curl.se/docs/CVE-2014-2522.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-2522.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-2522" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v3w9-aq2q-6kdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58546?format=api", "vulnerability_id": "VCID-v54z-4tb3-qkh2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75388", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000257" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000257.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000257.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:P/A:P" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101519", "reference_id": "101519", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/" } ], "url": "http://www.securityfocus.com/bid/101519" }, { "reference_url": "http://www.securitytracker.com/id/1039644", "reference_id": "1039644", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/" } ], "url": "http://www.securitytracker.com/id/1039644" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503705", "reference_id": "1503705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503705" }, { "reference_url": "https://curl.haxx.se/docs/adv_20171023.html", "reference_id": "adv_20171023.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/" } ], "url": "https://curl.haxx.se/docs/adv_20171023.html" }, { "reference_url": "https://security.archlinux.org/ASA-201711-10", "reference_id": "ASA-201711-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-10" }, { "reference_url": "https://security.archlinux.org/ASA-201711-11", "reference_id": "ASA-201711-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-11" }, { "reference_url": "https://security.archlinux.org/ASA-201711-6", "reference_id": "ASA-201711-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-6" }, { "reference_url": "https://security.archlinux.org/ASA-201711-7", "reference_id": "ASA-201711-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-7" }, { "reference_url": "https://security.archlinux.org/ASA-201711-8", "reference_id": "ASA-201711-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-8" }, { "reference_url": "https://security.archlinux.org/ASA-201711-9", "reference_id": "ASA-201711-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-9" }, { "reference_url": "https://security.archlinux.org/AVG-462", "reference_id": "AVG-462", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-462" }, { "reference_url": "https://security.archlinux.org/AVG-463", "reference_id": "AVG-463", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-463" }, { "reference_url": "https://security.archlinux.org/AVG-464", "reference_id": "AVG-464", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-464" }, { "reference_url": "https://security.archlinux.org/AVG-465", "reference_id": "AVG-465", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-465" }, { "reference_url": "https://security.archlinux.org/AVG-466", "reference_id": "AVG-466", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-466" }, { "reference_url": "https://security.archlinux.org/AVG-467", "reference_id": "AVG-467", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-467" }, { "reference_url": "http://www.debian.org/security/2017/dsa-4007", "reference_id": "dsa-4007", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/" } ], "url": "http://www.debian.org/security/2017/dsa-4007" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/" } ], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3263", "reference_id": "RHSA-2017:3263", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" }, { "reference_url": "https://usn.ubuntu.com/3457-1/", "reference_id": "USN-3457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3457-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341956?format=api", "purl": "pkg:deb/debian/curl@7.56.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.56.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000257" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v54z-4tb3-qkh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54854?format=api", "vulnerability_id": "VCID-vhq1-me6w-uqfm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01071", "scoring_system": "epss", "scoring_elements": "0.78035", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420" }, { "reference_url": "https://curl.se/docs/CVE-2016-5420.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5420.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190", "reference_id": "1362190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341952?format=api", "purl": "pkg:deb/debian/curl@7.50.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.50.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5420" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhq1-me6w-uqfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67087?format=api", "vulnerability_id": "VCID-vqf9-y6k7-f7bt", "summary": "curl: lingering HTTP credentials in connection re-use", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3236.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3236.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04525", "scoring_system": "epss", "scoring_elements": "0.8933", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3236" }, { "reference_url": "https://curl.se/docs/CVE-2015-3236.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3236.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233816", "reference_id": "1233816", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233816" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341950?format=api", "purl": "pkg:deb/debian/curl@7.43.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.43.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3236" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vqf9-y6k7-f7bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42590?format=api", "vulnerability_id": "VCID-vs4f-hsgz-cyby", "summary": "curl: OAUTH2 bearer bypass in connection re-use", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22576.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22576.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5758", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22576" }, { "reference_url": "https://curl.se/docs/CVE-2022-22576.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-22576.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1526328", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://hackerone.com/reports/1526328" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295", "reference_id": "1010295", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077541", "reference_id": "2077541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077541" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341973?format=api", "purl": "pkg:deb/debian/curl@7.83.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-22576" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vs4f-hsgz-cyby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62300?format=api", "vulnerability_id": "VCID-vs5f-8tuz-b7ev", "summary": "curl: FTP PWD response parser out of bounds read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01318", "scoring_system": "epss", "scoring_elements": "0.80172", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000254.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000254.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541", "reference_id": "1495541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671", "reference_id": "877671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671" }, { "reference_url": "https://security.archlinux.org/ASA-201710-2", "reference_id": "ASA-201710-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-2" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://security.archlinux.org/AVG-422", "reference_id": "AVG-422", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-422" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341956?format=api", "purl": "pkg:deb/debian/curl@7.56.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.56.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000254" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vs5f-8tuz-b7ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44963?format=api", "vulnerability_id": "VCID-vvsu-pcba-qfh6", "summary": "curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46202", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925" }, { "reference_url": "https://curl.se/docs/CVE-2021-22925.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22925.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1223882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://hackerone.com/reports/1223882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970902", "reference_id": "1970902", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970902" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/39", "reference_id": "39", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/39" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/40", "reference_id": "40", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/40" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/ASA-202107-60", "reference_id": "ASA-202107-60", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-60" }, { "reference_url": "https://security.archlinux.org/ASA-202107-61", "reference_id": "ASA-202107-61", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-61" }, { "reference_url": "https://security.archlinux.org/ASA-202107-62", "reference_id": "ASA-202107-62", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-62" }, { "reference_url": "https://security.archlinux.org/ASA-202107-63", "reference_id": "ASA-202107-63", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-63" }, { "reference_url": "https://security.archlinux.org/ASA-202107-64", "reference_id": "ASA-202107-64", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-64" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://security.archlinux.org/AVG-2195", "reference_id": "AVG-2195", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2195" }, { "reference_url": "https://security.archlinux.org/AVG-2196", "reference_id": "AVG-2196", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2196" }, { "reference_url": "https://security.archlinux.org/AVG-2197", "reference_id": "AVG-2197", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2197" }, { "reference_url": "https://security.archlinux.org/AVG-2198", "reference_id": "AVG-2198", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2198" }, { "reference_url": "https://security.archlinux.org/AVG-2199", "reference_id": "AVG-2199", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2199" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT212804", "reference_id": "HT212804", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212804" }, { "reference_url": "https://support.apple.com/kb/HT212805", "reference_id": "HT212805", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212805" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "reference_id": "ssa-484086.pdf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22925" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vvsu-pcba-qfh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40783?format=api", "vulnerability_id": "VCID-w2fp-rb4q-kke3", "summary": "curl: .netrc parser out-of-bounds access", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35260.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35260.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35260", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50609", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35260" }, { "reference_url": "https://curl.se/docs/CVE-2022-35260.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-35260.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1721098", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://hackerone.com/reports/1721098" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135412", "reference_id": "2135412", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135412" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230110-0006/", "reference_id": "ntap-20230110-0006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341976?format=api", "purl": "pkg:deb/debian/curl@7.86.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35260" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2fp-rb4q-kke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42386?format=api", "vulnerability_id": "VCID-wj8v-8fnv-kqgj", "summary": "curl: HSTS bypass via trailing dot", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30115.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30115" }, { "reference_url": "https://curl.se/docs/CVE-2022-30115.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-30115.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1557449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1557449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082223", "reference_id": "2082223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082223" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-30115" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wj8v-8fnv-kqgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12263?format=api", "vulnerability_id": "VCID-x47y-r42c-bkfk", "summary": "curl: libcurl: Improper certificate validation due to cached TLS settings reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14819.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14819.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14819", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19195", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14819" }, { "reference_url": "https://curl.se/docs/CVE-2025-14819.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:00:02Z/" } ], "url": "https://curl.se/docs/CVE-2025-14819.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426408", "reference_id": "2426408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426408" }, { "reference_url": "https://curl.se/docs/CVE-2025-14819.json", "reference_id": "CVE-2025-14819.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:00:02Z/" } ], "url": "https://curl.se/docs/CVE-2025-14819.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342017?format=api", "purl": "pkg:deb/debian/curl@8.18.0~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-14819" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x47y-r42c-bkfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71776?format=api", "vulnerability_id": "VCID-x6jw-xxpk-eufb", "summary": "curl: Improper delegation of client credentials during GSS negotiation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2192.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2192.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.84148", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2192" }, { "reference_url": "https://curl.se/docs/CVE-2011-2192.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2011-2192.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631615", "reference_id": "631615", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631615" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=711454", "reference_id": "711454", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711454" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0918", "reference_id": "RHSA-2011:0918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0918" }, { "reference_url": "https://usn.ubuntu.com/1158-1/", "reference_id": "USN-1158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1158-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341936?format=api", "purl": "pkg:deb/debian/curl@7.21.6-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.21.6-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2192" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6jw-xxpk-eufb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71633?format=api", "vulnerability_id": "VCID-x6pd-2arc-gqdq", "summary": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88348", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389" }, { "reference_url": "https://curl.se/docs/CVE-2011-3389.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2011-3389.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", "reference_id": "737506", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506" }, { "reference_url": "https://security.gentoo.org/glsa/201111-02", "reference_id": "GLSA-201111-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201111-02" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1380", "reference_id": "RHSA-2011:1380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1384", "reference_id": "RHSA-2011:1384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0006", "reference_id": "RHSA-2012:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0034", "reference_id": "RHSA-2012:0034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0343", "reference_id": "RHSA-2012:0343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0508", "reference_id": "RHSA-2012:0508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://usn.ubuntu.com/1263-1/", "reference_id": "USN-1263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1263-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341937?format=api", "purl": "pkg:deb/debian/curl@7.24.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.24.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-3389" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6pd-2arc-gqdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46276?format=api", "vulnerability_id": "VCID-xapd-mgwu-67b3", "summary": "curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73284", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8285" }, { "reference_url": "https://curl.se/docs/CVE-2020-8285.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://curl.se/docs/CVE-2020-8285.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1045844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://hackerone.com/reports/1045844" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902687", "reference_id": "1902687", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902687" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/51", "reference_id": "51", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "reference_url": "https://github.com/curl/curl/issues/6255", "reference_id": "6255", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://github.com/curl/curl/issues/6255" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162", "reference_id": "977162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" }, { "reference_url": "https://usn.ubuntu.com/4665-2/", "reference_id": "USN-4665-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341969?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8285" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xapd-mgwu-67b3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53038?format=api", "vulnerability_id": "VCID-xq5h-af6j-r3fa", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83601", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419" }, { "reference_url": "https://curl.se/docs/CVE-2016-5419.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5419.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183", "reference_id": "1362183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341952?format=api", "purl": "pkg:deb/debian/curl@7.50.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.50.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5419" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xq5h-af6j-r3fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45257?format=api", "vulnerability_id": "VCID-y1dj-ashm-ryha", "summary": "curl: TELNET stack contents disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33327", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898" }, { "reference_url": "https://curl.se/docs/CVE-2021-22898.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://curl.se/docs/CVE-2021-22898.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1176461", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://hackerone.com/reports/1176461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964887", "reference_id": "1964887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964887" }, { "reference_url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde", "reference_id": "39ce47f219b09c380b81f89fe54ac586c8db6bde", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/07/21/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/07/21/4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228", "reference_id": "989228", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228" }, { "reference_url": "https://security.archlinux.org/ASA-202106-4", "reference_id": "ASA-202106-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-4" }, { "reference_url": "https://security.archlinux.org/ASA-202106-5", "reference_id": "ASA-202106-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-5" }, { "reference_url": "https://security.archlinux.org/ASA-202106-6", "reference_id": "ASA-202106-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-6" }, { "reference_url": "https://security.archlinux.org/ASA-202106-7", "reference_id": "ASA-202106-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-7" }, { "reference_url": "https://security.archlinux.org/ASA-202106-8", "reference_id": "ASA-202106-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-8" }, { "reference_url": "https://security.archlinux.org/ASA-202106-9", "reference_id": "ASA-202106-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-9" }, { "reference_url": "https://security.archlinux.org/AVG-1995", "reference_id": "AVG-1995", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1995" }, { "reference_url": "https://security.archlinux.org/AVG-1996", "reference_id": "AVG-1996", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1996" }, { "reference_url": "https://security.archlinux.org/AVG-1997", "reference_id": "AVG-1997", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1997" }, { "reference_url": "https://security.archlinux.org/AVG-1998", "reference_id": "AVG-1998", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1998" }, { "reference_url": "https://security.archlinux.org/AVG-1999", "reference_id": "AVG-1999", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1999" }, { "reference_url": "https://security.archlinux.org/AVG-2000", "reference_id": "AVG-2000", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2000" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/", "reference_id": "POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/" }, { "reference_url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_id": "rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341971?format=api", "purl": "pkg:deb/debian/curl@7.79.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.79.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22898" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y1dj-ashm-ryha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53061?format=api", "vulnerability_id": "VCID-y1e8-qv34-juf8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24688", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8617" }, { "reference_url": "https://curl.se/docs/CVE-2016-8617.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8617.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388377", "reference_id": "1388377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388377" }, { "reference_url": "http://www.securityfocus.com/bid/94097", "reference_id": "94097", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "http://www.securityfocus.com/bid/94097" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102C.html", "reference_id": "adv_20161102C.html", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102C.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://curl.haxx.se/CVE-2016-8617.patch", "reference_id": "CVE-2016-8617.patch", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://curl.haxx.se/CVE-2016-8617.patch" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8617", "reference_id": "show_bug.cgi?id=CVE-2016-8617", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8617" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341953?format=api", "purl": "pkg:deb/debian/curl@7.51.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.51.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8617" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y1e8-qv34-juf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41972?format=api", "vulnerability_id": "VCID-y7c7-w2ru-gbhm", "summary": "curl: HTTP compression denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03367", "scoring_system": "epss", "scoring_elements": "0.87563", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32206" }, { "reference_url": "https://curl.se/docs/CVE-2022-32206.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32206.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1570651", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://hackerone.com/reports/1570651" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099300", "reference_id": "2099300", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099300" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/02/15/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6157", "reference_id": "RHSA-2022:6157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6159", "reference_id": "RHSA-2022:6159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3460", "reference_id": "RHSA-2023:3460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3460" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341972?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341975?format=api", "purl": "pkg:deb/debian/curl@7.84.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.84.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-32206" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y7c7-w2ru-gbhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69051?format=api", "vulnerability_id": "VCID-y841-wa7x-gyd4", "summary": "curl: re-use of wrong HTTP NTLM connection in libcurl", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0015.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0015.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01266", "scoring_system": "epss", "scoring_elements": "0.79769", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0015" }, { "reference_url": "https://curl.se/docs/CVE-2014-0015.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-0015.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053903", "reference_id": "1053903", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0561", "reference_id": "RHSA-2014:0561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0561" }, { "reference_url": "https://usn.ubuntu.com/2097-1/", "reference_id": "USN-2097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2097-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341943?format=api", "purl": "pkg:deb/debian/curl@7.35.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.35.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0015" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y841-wa7x-gyd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67276?format=api", "vulnerability_id": "VCID-yn3p-7hnq-13hv", "summary": "curl: re-using authenticated connection when unauthenticated", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04659", "scoring_system": "epss", "scoring_elements": "0.8948", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3143" }, { "reference_url": "https://curl.se/docs/CVE-2015-3143.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3143.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306", "reference_id": "1213306", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306" }, { "reference_url": "https://security.gentoo.org/glsa/201509-02", "reference_id": "GLSA-201509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201509-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341948?format=api", "purl": "pkg:deb/debian/curl@7.42.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.42.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3143" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yn3p-7hnq-13hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44958?format=api", "vulnerability_id": "VCID-z46c-bshd-zuf1", "summary": "curl: Content not matching hash in Metalink is not being discarded", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34723", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22922" }, { "reference_url": "https://curl.se/docs/CVE-2021-22922.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22922.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1213175", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://hackerone.com/reports/1213175" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981435", "reference_id": "1981435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981435" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3582", "reference_id": "RHSA-2021:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3903", "reference_id": "RHSA-2021:3903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3903" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341971?format=api", "purl": "pkg:deb/debian/curl@7.79.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.79.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22922" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z46c-bshd-zuf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41344?format=api", "vulnerability_id": "VCID-z4n7-e83t-hucq", "summary": "curl: Incorrect handling of control code characters in cookies", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52523", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252" }, { "reference_url": "https://curl.se/docs/CVE-2022-35252.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-35252.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1613943", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://hackerone.com/reports/1613943" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831", "reference_id": "1018831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/21" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718", "reference_id": "2120718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213603", "reference_id": "HT213603", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213603" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220930-0005/", "reference_id": "ntap-20220930-0005", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220930-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2478", "reference_id": "RHSA-2023:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2963", "reference_id": "RHSA-2023:2963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5587-1/", "reference_id": "USN-5587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341979?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341978?format=api", "purl": "pkg:deb/debian/curl@7.85.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.85.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35252" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4n7-e83t-hucq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54142?format=api", "vulnerability_id": "VCID-z7nt-pckd-pua8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02845", "scoring_system": "epss", "scoring_elements": "0.86461", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000301.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000301.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301" }, { "reference_url": "http://www.securitytracker.com/id/1040931", "reference_id": "1040931", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "http://www.securitytracker.com/id/1040931" }, { "reference_url": "http://www.securityfocus.com/bid/104225", "reference_id": "104225", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "http://www.securityfocus.com/bid/104225" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575536", "reference_id": "1575536", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575536" }, { "reference_url": "https://usn.ubuntu.com/3648-1/", "reference_id": "3648-1", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://usn.ubuntu.com/3648-1/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856", "reference_id": "898856", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-b138.html", "reference_id": "adv_2018-b138.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://curl.haxx.se/docs/adv_2018-b138.html" }, { "reference_url": "https://security.archlinux.org/ASA-201805-13", "reference_id": "ASA-201805-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-13" }, { "reference_url": "https://security.archlinux.org/ASA-201805-14", "reference_id": "ASA-201805-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-14" }, { "reference_url": "https://security.archlinux.org/ASA-201805-15", "reference_id": "ASA-201805-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-15" }, { "reference_url": "https://security.archlinux.org/ASA-201805-16", "reference_id": "ASA-201805-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-16" }, { "reference_url": "https://security.archlinux.org/ASA-201805-17", "reference_id": "ASA-201805-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-17" }, { "reference_url": "https://security.archlinux.org/ASA-201805-18", "reference_id": "ASA-201805-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-18" }, { "reference_url": "https://security.archlinux.org/AVG-694", "reference_id": "AVG-694", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-694" }, { "reference_url": "https://security.archlinux.org/AVG-695", "reference_id": "AVG-695", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-695" }, { "reference_url": "https://security.archlinux.org/AVG-696", "reference_id": "AVG-696", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-696" }, { "reference_url": "https://security.archlinux.org/AVG-697", "reference_id": "AVG-697", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-697" }, { "reference_url": "https://security.archlinux.org/AVG-698", "reference_id": "AVG-698", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-698" }, { "reference_url": "https://security.archlinux.org/AVG-699", "reference_id": "AVG-699", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-699" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4202", "reference_id": "dsa-4202", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4202" }, { "reference_url": "https://security.gentoo.org/glsa/201806-05", "reference_id": "GLSA-201806-05", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://security.gentoo.org/glsa/201806-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html", "reference_id": "msg00010.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341963?format=api", "purl": "pkg:deb/debian/curl@7.60.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.60.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000301" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7nt-pckd-pua8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67258?format=api", "vulnerability_id": "VCID-za4f-bm16-j7ba", "summary": "curl: sensitive HTTP server headers also sent to proxies", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08372", "scoring_system": "epss", "scoring_elements": "0.92428", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153" }, { "reference_url": "https://curl.se/docs/CVE-2015-3153.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3153.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341", "reference_id": "1217341", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341949?format=api", "purl": "pkg:deb/debian/curl@7.42.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.42.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3153" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-za4f-bm16-j7ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39122?format=api", "vulnerability_id": "VCID-zgz2-mscv-sqhu", "summary": "curl: GSS delegation too eager connection re-use", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01414", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27536" }, { "reference_url": "https://curl.se/docs/CVE-2023-27536.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27536.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1895135", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://hackerone.com/reports/1895135" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092", "reference_id": "2179092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536", "reference_id": "CVE-2023-27536", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4523", "reference_id": "RHSA-2023:4523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341984?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341983?format=api", "purl": "pkg:deb/debian/curl@7.88.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-27536" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgz2-mscv-sqhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12261?format=api", "vulnerability_id": "VCID-zssk-1ump-a3hh", "summary": "curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01954", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13034" }, { "reference_url": "https://curl.se/docs/CVE-2025-13034.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:56:11Z/" } ], "url": "https://curl.se/docs/CVE-2025-13034.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426406", "reference_id": "2426406", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426406" }, { "reference_url": "https://curl.se/docs/CVE-2025-13034.json", "reference_id": "CVE-2025-13034.json", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:56:11Z/" } ], "url": "https://curl.se/docs/CVE-2025-13034.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342016?format=api", "purl": "pkg:deb/debian/curl@8.18.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-13034" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zssk-1ump-a3hh" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" }