Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/341935?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "curl", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7.10.7-1", "latest_non_vulnerable_version": "8.20.0-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54248?format=api", "vulnerability_id": "VCID-2x3m-p3eu-y7cn", "summary": "curl: Windows OpenSSL engine code injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00992", "scoring_system": "epss", "scoring_elements": "0.77192", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5443" }, { "reference_url": "https://curl.se/docs/CVE-2019-5443.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5443.html" }, { "reference_url": "https://hackerone.com/reports/608577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/608577" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772100", "reference_id": "1772100", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772100" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-5443" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2x3m-p3eu-y7cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25980?format=api", "vulnerability_id": "VCID-3c1c-2n4r-uyag", "summary": "libcurl: Double Close of Eventfd in libcurl", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0665.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0665.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04569", "scoring_system": "epss", "scoring_elements": "0.89376", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0665" }, { "reference_url": "https://curl.se/docs/CVE-2025-0665.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:42:03Z/" } ], "url": "https://curl.se/docs/CVE-2025-0665.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2954286", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:42:03Z/" } ], "url": "https://hackerone.com/reports/2954286" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343895", "reference_id": "2343895", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343895" }, { "reference_url": "https://curl.se/docs/CVE-2025-0665.json", "reference_id": "CVE-2025-0665.json", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:42:03Z/" } ], "url": "https://curl.se/docs/CVE-2025-0665.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342010?format=api", "purl": "pkg:deb/debian/curl@8.12.0%2Bgit20250209.89ed161%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.12.0%252Bgit20250209.89ed161%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0665" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3c1c-2n4r-uyag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63716?format=api", "vulnerability_id": "VCID-3n8z-33hn-ffbv", "summary": "curl: negotiate not treated as connection-oriented (incomplete fix for CVE-2015-3148)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2628.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2628.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74866", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2628" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464", "reference_id": "1422464", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0847", "reference_id": "RHSA-2017:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0847" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-2628" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3n8z-33hn-ffbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89892?format=api", "vulnerability_id": "VCID-4wmd-2ube-6ud3", "summary": "Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \\ (backslash) as a separator of path components within the Content-disposition HTTP header.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.75985", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3842" }, { "reference_url": "https://curl.se/docs/CVE-2010-3842.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2010-3842.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3842" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4wmd-2ube-6ud3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58693?format=api", "vulnerability_id": "VCID-5q7e-maen-9kes", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02011", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3694390", "reference_id": "3694390", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:20:11Z/" } ], "url": "https://hackerone.com/reports/3694390" }, { "reference_url": "https://curl.se/docs/CVE-2026-7009.html", "reference_id": "CVE-2026-7009.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:20:11Z/" } ], "url": "https://curl.se/docs/CVE-2026-7009.html" }, { "reference_url": "https://curl.se/docs/CVE-2026-7009.json", "reference_id": "CVE-2026-7009.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:20:11Z/" } ], "url": "https://curl.se/docs/CVE-2026-7009.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-7009" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5q7e-maen-9kes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37236?format=api", "vulnerability_id": "VCID-5stq-jajr-57hv", "summary": "curl: out of heap memory issue due to missing limit on header quantity", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14797", "scoring_system": "epss", "scoring_elements": "0.94612", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38039" }, { "reference_url": "https://curl.se/docs/CVE-2023-38039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-38039.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2072338", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://hackerone.com/reports/2072338" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Oct/17", "reference_id": "17", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Oct/17" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239135", "reference_id": "2239135", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239135" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/34", "reference_id": "34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/34" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/37" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/38", "reference_id": "38", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/38" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/", "reference_id": "5DCZMYODALBLVOXVJEN2LF2MLANEYL4F", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT214036", "reference_id": "HT214036", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214036" }, { "reference_url": "https://support.apple.com/kb/HT214057", "reference_id": "HT214057", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214057" }, { "reference_url": "https://support.apple.com/kb/HT214058", "reference_id": "HT214058", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214058" }, { "reference_url": "https://support.apple.com/kb/HT214063", "reference_id": "HT214063", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://support.apple.com/kb/HT214063" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/", "reference_id": "M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231013-0005/", "reference_id": "ntap-20231013-0005", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231013-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://www.insyde.com/security-pledge/SA-2023064", "reference_id": "SA-2023064", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://www.insyde.com/security-pledge/SA-2023064" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/", "reference_id": "TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/" }, { "reference_url": "https://usn.ubuntu.com/6363-1/", "reference_id": "USN-6363-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6363-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341987?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341988?format=api", "purl": "pkg:deb/debian/curl@8.3.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.3.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-38039" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5stq-jajr-57hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45253?format=api", "vulnerability_id": "VCID-62br-m3wt-gqdm", "summary": "curl: Use-after-free in TLS session handling when using OpenSSL TLS backend", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22901.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22901.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43726", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22901" }, { "reference_url": "https://curl.se/docs/CVE-2021-22901.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22901.html" }, { "reference_url": "https://hackerone.com/reports/1180380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1180380" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963146", "reference_id": "1963146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963146" }, { "reference_url": "https://security.archlinux.org/ASA-202106-4", "reference_id": "ASA-202106-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-4" }, { "reference_url": "https://security.archlinux.org/ASA-202106-5", "reference_id": "ASA-202106-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-5" }, { "reference_url": "https://security.archlinux.org/ASA-202106-6", "reference_id": "ASA-202106-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-6" }, { "reference_url": "https://security.archlinux.org/ASA-202106-7", "reference_id": "ASA-202106-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-7" }, { "reference_url": "https://security.archlinux.org/AVG-1995", "reference_id": "AVG-1995", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1995" }, { "reference_url": "https://security.archlinux.org/AVG-1996", "reference_id": "AVG-1996", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1996" }, { "reference_url": "https://security.archlinux.org/AVG-1997", "reference_id": "AVG-1997", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1997" }, { "reference_url": "https://security.archlinux.org/AVG-1998", "reference_id": "AVG-1998", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1998" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22901" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-62br-m3wt-gqdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54638?format=api", "vulnerability_id": "VCID-64yx-9372-guce", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000099.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000099.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00623", "scoring_system": "epss", "scoring_elements": "0.70459", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000099" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000099.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000099.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478316", "reference_id": "1478316", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478316" }, { "reference_url": "https://security.archlinux.org/ASA-201708-16", "reference_id": "ASA-201708-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-16" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-370", "reference_id": "AVG-370", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-370" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000099" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-64yx-9372-guce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54427?format=api", "vulnerability_id": "VCID-689c-z62z-ukc7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56267", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0167" }, { "reference_url": "https://curl.se/docs/CVE-2025-0167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/" } ], "url": "https://curl.se/docs/CVE-2025-0167.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2917232", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/" } ], "url": "https://hackerone.com/reports/2917232" }, { "reference_url": "https://curl.se/docs/CVE-2025-0167.json", "reference_id": "CVE-2025-0167.json", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/" } ], "url": "https://curl.se/docs/CVE-2025-0167.json" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342009?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u11?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u11%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342010?format=api", "purl": "pkg:deb/debian/curl@8.12.0%2Bgit20250209.89ed161%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.12.0%252Bgit20250209.89ed161%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0167" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-689c-z62z-ukc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89897?format=api", "vulnerability_id": "VCID-72pz-4qf7-xfdb", "summary": "Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.70137", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4802" }, { "reference_url": "https://curl.se/docs/CVE-2016-4802.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-4802.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4802" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72pz-4qf7-xfdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63263?format=api", "vulnerability_id": "VCID-7g7n-4tsf-2fgx", "summary": "curl: URL file scheme drive letter buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9502.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9502.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00552", "scoring_system": "epss", "scoring_elements": "0.68328", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9502" }, { "reference_url": "https://curl.se/docs/CVE-2017-9502.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-9502.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461321", "reference_id": "1461321", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461321" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9502" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7g7n-4tsf-2fgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89895?format=api", "vulnerability_id": "VCID-958x-aqdm-27br", "summary": "cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57741", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754" }, { "reference_url": "https://curl.se/docs/CVE-2016-0754.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-0754.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0754" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-958x-aqdm-27br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21401?format=api", "vulnerability_id": "VCID-c88v-yygy-sbf4", "summary": "curl: libcurl: WebSocket endless loop", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5399.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65652", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5399" }, { "reference_url": "https://curl.se/docs/CVE-2025-5399.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T13:20:18Z/" } ], "url": "https://curl.se/docs/CVE-2025-5399.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3168039", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T13:20:18Z/" } ], "url": "https://hackerone.com/reports/3168039" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370920", "reference_id": "2370920", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370920" }, { "reference_url": "https://security.archlinux.org/ASA-202506-2", "reference_id": "ASA-202506-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202506-2" }, { "reference_url": "https://security.archlinux.org/AVG-2895", "reference_id": "AVG-2895", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2895" }, { "reference_url": "https://curl.se/docs/CVE-2025-5399.json", "reference_id": "CVE-2025-5399.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T13:20:18Z/" } ], "url": "https://curl.se/docs/CVE-2025-5399.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342020?format=api", "purl": "pkg:deb/debian/curl@8.14.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5399" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c88v-yygy-sbf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45258?format=api", "vulnerability_id": "VCID-cgpy-5qpn-dkb8", "summary": "curl: Cipher settings shared for all connections when using schannel TLS backed", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00791", "scoring_system": "epss", "scoring_elements": "0.74198", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22897" }, { "reference_url": "https://curl.se/docs/CVE-2021-22897.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://curl.se/docs/CVE-2021-22897.html" }, { "reference_url": "https://hackerone.com/reports/1172857", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://hackerone.com/reports/1172857" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964904", "reference_id": "1964904", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964904" }, { "reference_url": "https://security.archlinux.org/AVG-2016", "reference_id": "AVG-2016", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2016" }, { "reference_url": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511", "reference_id": "bbb71507b7bab52002f9b1e0880bed6a32834511", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210727-0007/", "reference_id": "ntap-20210727-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:47:49Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22897" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgpy-5qpn-dkb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89893?format=api", "vulnerability_id": "VCID-ddtt-b7y9-ubgn", "summary": "curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03073", "scoring_system": "epss", "scoring_elements": "0.86977", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1263" }, { "reference_url": "https://curl.se/docs/CVE-2014-1263.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-1263.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1263" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddtt-b7y9-ubgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18223?format=api", "vulnerability_id": "VCID-dt8a-u3bz-c3bp", "summary": "curl: libcurl: Curl out of bounds read for cookie path", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9086.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9086.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9086", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27654", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9086" }, { "reference_url": "https://curl.se/docs/CVE-2025-9086.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:15:47Z/" } ], "url": "https://curl.se/docs/CVE-2025-9086.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3294999", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:15:47Z/" } ], "url": "https://hackerone.com/reports/3294999" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750", "reference_id": "2394750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750" }, { "reference_url": "https://curl.se/docs/CVE-2025-9086.json", "reference_id": "CVE-2025-9086.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:15:47Z/" } ], "url": "https://curl.se/docs/CVE-2025-9086.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23043", "reference_id": "RHSA-2025:23043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23125", "reference_id": "RHSA-2025:23125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23126", "reference_id": "RHSA-2025:23126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23127", "reference_id": "RHSA-2025:23127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23383", "reference_id": "RHSA-2025:23383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1350", "reference_id": "RHSA-2026:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1477", "reference_id": "RHSA-2026:1477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1825", "reference_id": "RHSA-2026:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2485", "reference_id": "RHSA-2026:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342012?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342021?format=api", "purl": "pkg:deb/debian/curl@8.16.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.16.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-9086" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dt8a-u3bz-c3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55200?format=api", "vulnerability_id": "VCID-e2km-m1ta-6kes", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9594", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.72194", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9594" }, { "reference_url": "https://curl.se/docs/CVE-2016-9594.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9594.html" }, { "reference_url": "http://www.securitytracker.com/id/1037528", "reference_id": "1037528", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "http://www.securitytracker.com/id/1037528" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408385", "reference_id": "1408385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408385" }, { "reference_url": "http://www.securityfocus.com/bid/95094", "reference_id": "95094", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "http://www.securityfocus.com/bid/95094" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161223.html", "reference_id": "adv_20161223.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161223.html" }, { "reference_url": "https://security.archlinux.org/ASA-201612-22", "reference_id": "ASA-201612-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-22" }, { "reference_url": "https://security.archlinux.org/ASA-201701-10", "reference_id": "ASA-201701-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-10" }, { "reference_url": "https://security.archlinux.org/ASA-201701-11", "reference_id": "ASA-201701-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-11" }, { "reference_url": "https://security.archlinux.org/ASA-201701-7", "reference_id": "ASA-201701-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-7" }, { "reference_url": "https://security.archlinux.org/ASA-201701-8", "reference_id": "ASA-201701-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-8" }, { "reference_url": "https://security.archlinux.org/ASA-201701-9", "reference_id": "ASA-201701-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-9" }, { "reference_url": "https://security.archlinux.org/AVG-112", "reference_id": "AVG-112", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-112" }, { "reference_url": "https://security.archlinux.org/AVG-113", "reference_id": "AVG-113", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-113" }, { "reference_url": "https://security.archlinux.org/AVG-114", "reference_id": "AVG-114", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-114" }, { "reference_url": "https://security.archlinux.org/AVG-115", "reference_id": "AVG-115", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-115" }, { "reference_url": "https://security.archlinux.org/AVG-116", "reference_id": "AVG-116", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-116" }, { "reference_url": "https://security.archlinux.org/AVG-117", "reference_id": "AVG-117", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-117" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594", "reference_id": "show_bug.cgi?id=CVE-2016-9594", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594" }, { "reference_url": "https://www.tenable.com/security/tns-2017-04", "reference_id": "tns-2017-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/" } ], "url": "https://www.tenable.com/security/tns-2017-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9594" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2km-m1ta-6kes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30401?format=api", "vulnerability_id": "VCID-e5g7-wsrp-ybfh", "summary": "curl: freeing stack buffer in utf8asn1str", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6197.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01302", "scoring_system": "epss", "scoring_elements": "0.80055", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6197" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/24/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/24/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996", "reference_id": "1076996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299653", "reference_id": "2299653", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299653" }, { "reference_url": "https://hackerone.com/reports/2559516", "reference_id": "2559516", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "https://hackerone.com/reports/2559516" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/24/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/24/5" }, { "reference_url": "https://curl.se/docs/CVE-2024-6197.html", "reference_id": "CVE-2024-6197.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2024-6197.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-6197.json", "reference_id": "CVE-2024-6197.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2024-6197.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342001?format=api", "purl": "pkg:deb/debian/curl@8.9.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.9.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6197" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e5g7-wsrp-ybfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89899?format=api", "vulnerability_id": "VCID-e66v-z214-5kdt", "summary": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01096", "scoring_system": "epss", "scoring_elements": "0.78288", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9953" }, { "reference_url": "https://curl.se/docs/CVE-2016-9953.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9953.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9953" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e66v-z214-5kdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21584?format=api", "vulnerability_id": "VCID-eu8a-mzse-zfhy", "summary": "curl: libcurl: QUIC Certificate Pinning Bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5025.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19095", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5025" }, { "reference_url": "https://curl.se/docs/CVE-2025-5025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T16:19:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-5025.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3153497", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T16:19:34Z/" } ], "url": "https://hackerone.com/reports/3153497" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368888", "reference_id": "2368888", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368888" }, { "reference_url": "https://security.archlinux.org/AVG-2887", "reference_id": "AVG-2887", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2887" }, { "reference_url": "https://curl.se/docs/CVE-2025-5025.json", "reference_id": "CVE-2025-5025.json", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T16:19:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-5025.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342019?format=api", "purl": "pkg:deb/debian/curl@8.14.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5025" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eu8a-mzse-zfhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8126?format=api", "vulnerability_id": "VCID-fdqn-e8uu-j3hx", "summary": "curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3805.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3805.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09116", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3805" }, { "reference_url": "https://curl.se/docs/CVE-2026-3805.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:45:10Z/" } ], "url": "https://curl.se/docs/CVE-2026-3805.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3591944", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:45:10Z/" } ], "url": "https://hackerone.com/reports/3591944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446451", "reference_id": "2446451", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446451" }, { "reference_url": "https://curl.se/docs/CVE-2026-3805.json", "reference_id": "CVE-2026-3805.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:45:10Z/" } ], "url": "https://curl.se/docs/CVE-2026-3805.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342023?format=api", "purl": "pkg:deb/debian/curl@8.19.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.19.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-3805" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fdqn-e8uu-j3hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21586?format=api", "vulnerability_id": "VCID-g6cd-5nuc-73bx", "summary": "libcurl: curl: QUIC certificate check skip with wolfSSL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22697", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4947" }, { "reference_url": "https://curl.se/docs/CVE-2025-4947.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:57:59Z/" } ], "url": "https://curl.se/docs/CVE-2025-4947.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3150884", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:57:59Z/" } ], "url": "https://hackerone.com/reports/3150884" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368887", "reference_id": "2368887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368887" }, { "reference_url": "https://security.archlinux.org/AVG-2887", "reference_id": "AVG-2887", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2887" }, { "reference_url": "https://curl.se/docs/CVE-2025-4947.json", "reference_id": "CVE-2025-4947.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:57:59Z/" } ], "url": "https://curl.se/docs/CVE-2025-4947.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342019?format=api", "purl": "pkg:deb/debian/curl@8.14.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4947" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g6cd-5nuc-73bx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42381?format=api", "vulnerability_id": "VCID-hsjj-6vfn-4ugt", "summary": "curl: cookie for trailing dot TLD", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27779.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27779.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27779", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47158", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27779" }, { "reference_url": "https://curl.se/docs/CVE-2022-27779.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27779.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1553301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1553301" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082202", "reference_id": "2082202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082202" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27779" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hsjj-6vfn-4ugt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8896?format=api", "vulnerability_id": "VCID-kmgp-mppy-5ygb", "summary": "wcurl: wcurl: Arbitrary file placement via crafted URLs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11563.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11563.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05862", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11563" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442571", "reference_id": "2442571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442571" }, { "reference_url": "https://curl.se/docs/CVE-2025-11563.html", "reference_id": "CVE-2025-11563.html", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T18:53:51Z/" } ], "url": "https://curl.se/docs/CVE-2025-11563.html" }, { "reference_url": "https://curl.se/docs/CVE-2025-11563.json", "reference_id": "CVE-2025-11563.json", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T18:53:51Z/" } ], "url": "https://curl.se/docs/CVE-2025-11563.json" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342015?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342014?format=api", "purl": "pkg:deb/debian/curl@8.17.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.17.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-11563" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kmgp-mppy-5ygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42382?format=api", "vulnerability_id": "VCID-kudb-x77h-1ud4", "summary": "curl: percent-encoded path separator in URL host", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27780.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27780.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27780", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36381", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27780" }, { "reference_url": "https://curl.se/docs/CVE-2022-27780.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27780.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1553841", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T20:10:43Z/" } ], "url": "https://hackerone.com/reports/1553841" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082203", "reference_id": "2082203", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082203" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T20:10:43Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0009/", "reference_id": "ntap-20220609-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T20:10:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27780" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kudb-x77h-1ud4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34175?format=api", "vulnerability_id": "VCID-mgx1-3ku7-sffc", "summary": "curl: TLS certificate check bypass with mbedTLS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2466.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2466.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35157", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2466" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270497", "reference_id": "2270497", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270497" }, { "reference_url": "https://hackerone.com/reports/2416725", "reference_id": "2416725", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://hackerone.com/reports/2416725" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/4" }, { "reference_url": "https://curl.se/docs/CVE-2024-2466.html", "reference_id": "CVE-2024-2466.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://curl.se/docs/CVE-2024-2466.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-2466.json", "reference_id": "CVE-2024-2466.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://curl.se/docs/CVE-2024-2466.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240503-0010/", "reference_id": "ntap-20240503-0010", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240503-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341999?format=api", "purl": "pkg:deb/debian/curl@8.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2466" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgx1-3ku7-sffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89896?format=api", "vulnerability_id": "VCID-mr15-byak-dfhx", "summary": "Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01628", "scoring_system": "epss", "scoring_elements": "0.82178", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4606" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4606" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mr15-byak-dfhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39124?format=api", "vulnerability_id": "VCID-mse9-j9av-t7bh", "summary": "curl: HSTS double-free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21861", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27537" }, { "reference_url": "https://curl.se/docs/CVE-2023-27537.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27537.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1897203", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1897203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179097", "reference_id": "2179097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179097" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537", "reference_id": "CVE-2023-27537", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341983?format=api", "purl": "pkg:deb/debian/curl@7.88.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-27537" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mse9-j9av-t7bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35554?format=api", "vulnerability_id": "VCID-mz1c-c4b2-j7gy", "summary": "curl: OCSP verification bypass with TLS session reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40295", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262097", "reference_id": "2262097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262097" }, { "reference_url": "https://hackerone.com/reports/2298922", "reference_id": "2298922", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://hackerone.com/reports/2298922" }, { "reference_url": "https://curl.se/docs/CVE-2024-0853.html", "reference_id": "CVE-2024-0853.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://curl.se/docs/CVE-2024-0853.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-0853.json", "reference_id": "CVE-2024-0853.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://curl.se/docs/CVE-2024-0853.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0004/", "reference_id": "ntap-20240307-0004", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0004/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0009/", "reference_id": "ntap-20240426-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0009/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240503-0012/", "reference_id": "ntap-20240503-0012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:54:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240503-0012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341995?format=api", "purl": "pkg:deb/debian/curl@8.6.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.6.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0853" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mz1c-c4b2-j7gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18221?format=api", "vulnerability_id": "VCID-ncpq-4ws5-eyh2", "summary": "curl: predictable WebSocket mask", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10148.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10148.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44539", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10148" }, { "reference_url": "https://curl.se/docs/CVE-2025-10148.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:16:46Z/" } ], "url": "https://curl.se/docs/CVE-2025-10148.html" }, { "reference_url": "https://hackerone.com/reports/3330839", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:16:46Z/" } ], "url": "https://hackerone.com/reports/3330839" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394749", "reference_id": "2394749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394749" }, { "reference_url": "https://curl.se/docs/CVE-2025-10148.json", "reference_id": "CVE-2025-10148.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T17:16:46Z/" } ], "url": "https://curl.se/docs/CVE-2025-10148.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342012?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342011?format=api", "purl": "pkg:deb/debian/curl@8.16.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.16.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-10148" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncpq-4ws5-eyh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38502?format=api", "vulnerability_id": "VCID-nhst-thye-guh2", "summary": "curl: use after free in SSH sha256 fingerprint check", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28319.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28319.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28319", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55314", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28319" }, { "reference_url": "https://curl.se/docs/CVE-2023-28319.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28319.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1913733", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://hackerone.com/reports/1913733" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196778", "reference_id": "2196778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196778" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341985?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28319" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhst-thye-guh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30402?format=api", "vulnerability_id": "VCID-q9s4-8jng-j7ht", "summary": "curl: macidn punycode buffer overread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0099", "scoring_system": "epss", "scoring_elements": "0.77174", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6874" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996", "reference_id": "1076996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/24/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/24/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299654", "reference_id": "2299654", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299654" }, { "reference_url": "https://hackerone.com/reports/2604391", "reference_id": "2604391", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "https://hackerone.com/reports/2604391" }, { "reference_url": "https://curl.se/docs/CVE-2024-6874.html", "reference_id": "CVE-2024-6874.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "https://curl.se/docs/CVE-2024-6874.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-6874.json", "reference_id": "CVE-2024-6874.json", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T16:13:40Z/" } ], "url": "https://curl.se/docs/CVE-2024-6874.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342001?format=api", "purl": "pkg:deb/debian/curl@8.9.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.9.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6874" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q9s4-8jng-j7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27328?format=api", "vulnerability_id": "VCID-r1c8-6w99-kqgc", "summary": "curl: curl netrc password leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01399", "scoring_system": "epss", "scoring_elements": "0.80721", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11053" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682", "reference_id": "1089682", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "reference_id": "2331191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331191" }, { "reference_url": "https://hackerone.com/reports/2829063", "reference_id": "2829063", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/" } ], "url": "https://hackerone.com/reports/2829063" }, { "reference_url": "https://curl.se/docs/CVE-2024-11053.html", "reference_id": "CVE-2024-11053.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-11053.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-11053.json", "reference_id": "CVE-2024-11053.json", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-11053.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://usn.ubuntu.com/7162-1/", "reference_id": "USN-7162-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7162-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341996?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341997?format=api", "purl": "pkg:deb/debian/curl@8.11.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.11.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-11053" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1c8-6w99-kqgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40784?format=api", "vulnerability_id": "VCID-srgc-rxj3-6ydd", "summary": "curl: HTTP proxy double-free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42915.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42915.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64716", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42915" }, { "reference_url": "https://curl.se/docs/CVE-2022-42915.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://curl.se/docs/CVE-2022-42915.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1722065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1722065" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135413", "reference_id": "2135413", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135413" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/", "reference_id": "37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/", "reference_id": "HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0010/", "reference_id": "ntap-20221209-0010", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0010/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/", "reference_id": "Q27V5YYMXUVI6PRZQVECON32XPVWTKDK", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341976?format=api", "purl": "pkg:deb/debian/curl@7.86.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-42915" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-srgc-rxj3-6ydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89898?format=api", "vulnerability_id": "VCID-suuf-58uw-xucs", "summary": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by \"*.com.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60825", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9952" }, { "reference_url": "https://curl.se/docs/CVE-2016-9952.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9952.html" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161221B.html", "reference_id": "adv_20161221B.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161221B.html" }, { "reference_url": "https://curl.haxx.se/CVE-2016-9952.patch", "reference_id": "CVE-2016-9952.patch", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/" } ], "url": "https://curl.haxx.se/CVE-2016-9952.patch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9952" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-suuf-58uw-xucs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67914?format=api", "vulnerability_id": "VCID-t49y-2csd-q7c9", "summary": "curl: certificate check bypass when built with DarwinSSL as TLS backend", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8151.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8151.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62464", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8151" }, { "reference_url": "https://curl.se/docs/CVE-2014-8151.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-8151.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178698", "reference_id": "1178698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178698" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8151" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t49y-2csd-q7c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42380?format=api", "vulnerability_id": "VCID-tx73-4h2v-uyb4", "summary": "curl: removes wrong file on error", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00911", "scoring_system": "epss", "scoring_elements": "0.76158", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27778" }, { "reference_url": "https://curl.se/docs/CVE-2022-27778.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27778.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1553598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1553598" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082194", "reference_id": "2082194", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082194" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27778" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tx73-4h2v-uyb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34188?format=api", "vulnerability_id": "VCID-ujr4-yect-subh", "summary": "curl: Usage of disabled protocol", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0091", "scoring_system": "epss", "scoring_elements": "0.76152", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2004" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/1" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270500", "reference_id": "2270500", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270500" }, { "reference_url": "https://hackerone.com/reports/2384833", "reference_id": "2384833", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://hackerone.com/reports/2384833" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/", "reference_id": "2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/" }, { "reference_url": "https://curl.se/docs/CVE-2024-2004.html", "reference_id": "CVE-2024-2004.html", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-2004.html" }, { "reference_url": "https://curl.se/docs/CVE-2024-2004.json", "reference_id": "CVE-2024-2004.json", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://curl.se/docs/CVE-2024-2004.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/", "reference_id": "GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0006/", "reference_id": "ntap-20240524-0006", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" }, { "reference_url": "https://usn.ubuntu.com/6718-1/", "reference_id": "USN-6718-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-1/" }, { "reference_url": "https://usn.ubuntu.com/6718-3/", "reference_id": "USN-6718-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341998?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341999?format=api", "purl": "pkg:deb/debian/curl@8.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2004" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ujr4-yect-subh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89894?format=api", "vulnerability_id": "VCID-v3w9-aq2q-6kdd", "summary": "curl and libcurl 7.27.0 through 7.35.0, when running on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47942", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2522" }, { "reference_url": "https://curl.se/docs/CVE-2014-2522.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-2522.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-2522" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v3w9-aq2q-6kdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44963?format=api", "vulnerability_id": "VCID-vvsu-pcba-qfh6", "summary": "curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46202", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925" }, { "reference_url": "https://curl.se/docs/CVE-2021-22925.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22925.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1223882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://hackerone.com/reports/1223882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970902", "reference_id": "1970902", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970902" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/39", "reference_id": "39", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/39" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/40", "reference_id": "40", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/40" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/ASA-202107-60", "reference_id": "ASA-202107-60", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-60" }, { "reference_url": "https://security.archlinux.org/ASA-202107-61", "reference_id": "ASA-202107-61", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-61" }, { "reference_url": "https://security.archlinux.org/ASA-202107-62", "reference_id": "ASA-202107-62", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-62" }, { "reference_url": "https://security.archlinux.org/ASA-202107-63", "reference_id": "ASA-202107-63", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-63" }, { "reference_url": "https://security.archlinux.org/ASA-202107-64", "reference_id": "ASA-202107-64", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-64" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://security.archlinux.org/AVG-2195", "reference_id": "AVG-2195", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2195" }, { "reference_url": "https://security.archlinux.org/AVG-2196", "reference_id": "AVG-2196", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2196" }, { "reference_url": "https://security.archlinux.org/AVG-2197", "reference_id": "AVG-2197", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2197" }, { "reference_url": "https://security.archlinux.org/AVG-2198", "reference_id": "AVG-2198", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2198" }, { "reference_url": "https://security.archlinux.org/AVG-2199", "reference_id": "AVG-2199", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2199" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT212804", "reference_id": "HT212804", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212804" }, { "reference_url": "https://support.apple.com/kb/HT212805", "reference_id": "HT212805", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212805" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "reference_id": "ssa-484086.pdf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-22925" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vvsu-pcba-qfh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40783?format=api", "vulnerability_id": "VCID-w2fp-rb4q-kke3", "summary": "curl: .netrc parser out-of-bounds access", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35260.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35260.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35260", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50609", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35260" }, { "reference_url": "https://curl.se/docs/CVE-2022-35260.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-35260.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1721098", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://hackerone.com/reports/1721098" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135412", "reference_id": "2135412", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135412" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230110-0006/", "reference_id": "ntap-20230110-0006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341976?format=api", "purl": "pkg:deb/debian/curl@7.86.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.86.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35260" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2fp-rb4q-kke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42386?format=api", "vulnerability_id": "VCID-wj8v-8fnv-kqgj", "summary": "curl: HSTS bypass via trailing dot", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30115.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30115" }, { "reference_url": "https://curl.se/docs/CVE-2022-30115.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-30115.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1557449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1557449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082223", "reference_id": "2082223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082223" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341974?format=api", "purl": "pkg:deb/debian/curl@7.83.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.83.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-30115" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wj8v-8fnv-kqgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12263?format=api", "vulnerability_id": "VCID-x47y-r42c-bkfk", "summary": "curl: libcurl: Improper certificate validation due to cached TLS settings reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14819.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14819.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14819", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19195", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14819" }, { "reference_url": "https://curl.se/docs/CVE-2025-14819.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:00:02Z/" } ], "url": "https://curl.se/docs/CVE-2025-14819.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426408", "reference_id": "2426408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426408" }, { "reference_url": "https://curl.se/docs/CVE-2025-14819.json", "reference_id": "CVE-2025-14819.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T15:00:02Z/" } ], "url": "https://curl.se/docs/CVE-2025-14819.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342017?format=api", "purl": "pkg:deb/debian/curl@8.18.0~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-14819" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x47y-r42c-bkfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12261?format=api", "vulnerability_id": "VCID-zssk-1ump-a3hh", "summary": "curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01954", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13034" }, { "reference_url": "https://curl.se/docs/CVE-2025-13034.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:56:11Z/" } ], "url": "https://curl.se/docs/CVE-2025-13034.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426406", "reference_id": "2426406", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426406" }, { "reference_url": "https://curl.se/docs/CVE-2025-13034.json", "reference_id": "CVE-2025-13034.json", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:56:11Z/" } ], "url": "https://curl.se/docs/CVE-2025-13034.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/341935?format=api", "purl": "pkg:deb/debian/curl@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341924?format=api", "purl": "pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-32gj-mvnb-rudh" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-5jsn-ubxh-fqe4" }, { "vulnerability": "VCID-71rt-1h3a-jkcm" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-cczp-jbr5-j3g1" }, { "vulnerability": "VCID-e1rm-18vc-rkc2" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-frj4-zf2v-87g2" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-nmwe-9bw8-2ud1" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qqyy-ejjy-zugp" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-z46c-bshd-zuf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341922?format=api", "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-c7r3-5s6m-5ua1" }, { "vulnerability": "VCID-epuf-rc75-7bg3" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-ncpq-4ws5-eyh2" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341926?format=api", "purl": "pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-14cb-wnj7-13e2" }, { "vulnerability": "VCID-2bvs-a5w1-gfhe" }, { "vulnerability": "VCID-4pzm-87dd-xqbs" }, { "vulnerability": "VCID-5hb5-9gh5-kyfs" }, { "vulnerability": "VCID-777y-dgxh-kba5" }, { "vulnerability": "VCID-8f6k-xr87-uqfz" }, { "vulnerability": "VCID-9mnp-4p5a-ybcn" }, { "vulnerability": "VCID-ab48-azj9-p3hq" }, { "vulnerability": "VCID-fdqn-e8uu-j3hx" }, { "vulnerability": "VCID-guzm-25ur-qkgz" }, { "vulnerability": "VCID-k93r-eqgb-fqgq" }, { "vulnerability": "VCID-ku14-1pmr-pbbd" }, { "vulnerability": "VCID-qax6-9qcb-6yah" }, { "vulnerability": "VCID-qteb-88n4-5ka7" }, { "vulnerability": "VCID-r4re-xx26-2kgm" }, { "vulnerability": "VCID-ss8u-8s2v-dkf4" }, { "vulnerability": "VCID-x47y-r42c-bkfk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/342016?format=api", "purl": "pkg:deb/debian/curl@8.18.0~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/341925?format=api", "purl": "pkg:deb/debian/curl@8.20.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-13034" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zssk-1ump-a3hh" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie" }