| 0 |
| url |
VCID-1k8f-qgcv-xkhb |
| vulnerability_id |
VCID-1k8f-qgcv-xkhb |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27782 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.64546 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.64552 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.6454 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.64512 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.64484 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.64515 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.64472 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.6452 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00469 |
| scoring_system |
epss |
| scoring_elements |
0.64536 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27782 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.1 |
| purl |
pkg:generic/curl.se/curl@7.83.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 2 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 3 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 4 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 5 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 6 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 7 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 8 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 9 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 10 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 11 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 12 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 13 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 14 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 15 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 16 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 17 |
| vulnerability |
VCID-gv7x-j8bz-wycc |
|
| 18 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 19 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 20 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 21 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 22 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 23 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 24 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 25 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 26 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 27 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 28 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 29 |
| vulnerability |
VCID-t1fk-cbsx-j3gh |
|
| 30 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 31 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 32 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 33 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 34 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 35 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 36 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 37 |
| vulnerability |
VCID-xzay-sjpy-3yce |
|
| 38 |
| vulnerability |
VCID-y4x5-n5m2-x7bq |
|
| 39 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1 |
|
|
| aliases |
CVE-2022-27782
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1k8f-qgcv-xkhb |
|
| 1 |
| url |
VCID-2cx5-1qnw-uufj |
| vulnerability_id |
VCID-2cx5-1qnw-uufj |
| summary |
curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-1965 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17246 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17194 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16802 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16891 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16949 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16923 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19261 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19223 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19316 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-1965 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2026-1965.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/ |
|
|
| url |
https://curl.se/docs/CVE-2026-1965.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-1965
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2cx5-1qnw-uufj |
|
| 2 |
| url |
VCID-2xmp-jc8v-bucb |
| vulnerability_id |
VCID-2xmp-jc8v-bucb |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-35252 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43804 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43787 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43779 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43736 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52356 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52298 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52348 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52332 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52318 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-35252 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.85.0 |
| purl |
pkg:generic/curl.se/curl@7.85.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 3 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 4 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 5 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 6 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 7 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 8 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 9 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 10 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 11 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 12 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 13 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 14 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 15 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 16 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 17 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 18 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 19 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 20 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 21 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 22 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 23 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 24 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 25 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 26 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 27 |
| vulnerability |
VCID-rg54-svzj-x7f9 |
|
| 28 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 29 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 30 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 31 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 32 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 33 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 34 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 35 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 36 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 37 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 38 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0 |
|
|
| aliases |
CVE-2022-35252
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2xmp-jc8v-bucb |
|
| 3 |
| url |
VCID-3sy2-4f3g-zkac |
| vulnerability_id |
VCID-3sy2-4f3g-zkac |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27774 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53851 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53847 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.5383 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53814 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53749 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53775 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53748 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53801 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00306 |
| scoring_system |
epss |
| scoring_elements |
0.53799 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27774 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.0 |
| purl |
pkg:generic/curl.se/curl@7.83.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k8f-qgcv-xkhb |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 3 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 4 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 5 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 6 |
| vulnerability |
VCID-6ge5-86tg-dydf |
|
| 7 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 8 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 9 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 10 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 11 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 12 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 13 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 14 |
| vulnerability |
VCID-bb2f-7qrm-1kca |
|
| 15 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 16 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 17 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 18 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 19 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 20 |
| vulnerability |
VCID-gv7x-j8bz-wycc |
|
| 21 |
| vulnerability |
VCID-hjkx-6yep-mkde |
|
| 22 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 23 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 24 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 25 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 26 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 27 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 28 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 29 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 30 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 31 |
| vulnerability |
VCID-rhxh-77pj-1bfy |
|
| 32 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 33 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 34 |
| vulnerability |
VCID-t1fk-cbsx-j3gh |
|
| 35 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 36 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 37 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 38 |
| vulnerability |
VCID-v9n1-d6xt-6ubn |
|
| 39 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 40 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 41 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 42 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 43 |
| vulnerability |
VCID-xzay-sjpy-3yce |
|
| 44 |
| vulnerability |
VCID-y4x5-n5m2-x7bq |
|
| 45 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0 |
|
|
| aliases |
CVE-2022-27774
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3sy2-4f3g-zkac |
|
| 4 |
| url |
VCID-47qb-2qkw-1qej |
| vulnerability_id |
VCID-47qb-2qkw-1qej |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28321 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53057 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.52966 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.52991 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.52959 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53009 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53003 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53052 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53037 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.5302 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28321 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.1.0 |
| purl |
pkg:generic/curl.se/curl@8.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 5 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 6 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 7 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 8 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 9 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 10 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 11 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 12 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 13 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 14 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 15 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 16 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 17 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 18 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 19 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 20 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 21 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0 |
|
|
| aliases |
CVE-2023-28321
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-47qb-2qkw-1qej |
|
| 5 |
| url |
VCID-4e1k-7bj9-hfch |
| vulnerability_id |
VCID-4e1k-7bj9-hfch |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23914 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31922 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.32048 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.32088 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31911 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31963 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31992 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31995 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31955 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23914 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.88.0 |
| purl |
pkg:generic/curl.se/curl@7.88.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 7 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 8 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 9 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 10 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 11 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 12 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 13 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 14 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 15 |
| vulnerability |
VCID-ke81-x2ze-rbc5 |
|
| 16 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 17 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 18 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 19 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 20 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 21 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 22 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 23 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 24 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 25 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 26 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 27 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 28 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 29 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 30 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 31 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0 |
|
|
| aliases |
CVE-2023-23914
|
| risk_score |
4.1 |
| exploitability |
0.5 |
| weighted_severity |
8.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4e1k-7bj9-hfch |
|
| 6 |
| url |
VCID-4gze-cwtp-2bgr |
| vulnerability_id |
VCID-4gze-cwtp-2bgr |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23915 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13754 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13978 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.14033 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13836 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.1392 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13973 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.1393 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13894 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13846 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23915 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.88.0 |
| purl |
pkg:generic/curl.se/curl@7.88.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 7 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 8 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 9 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 10 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 11 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 12 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 13 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 14 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 15 |
| vulnerability |
VCID-ke81-x2ze-rbc5 |
|
| 16 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 17 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 18 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 19 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 20 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 21 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 22 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 23 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 24 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 25 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 26 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 27 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 28 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 29 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 30 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 31 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0 |
|
|
| aliases |
CVE-2023-23915
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4gze-cwtp-2bgr |
|
| 7 |
| url |
VCID-6we4-n888-6qhe |
| vulnerability_id |
VCID-6we4-n888-6qhe |
| summary |
libcurl: Buffer Overflow in libcurl via zlib Integer Overflow |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-0725 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.6327 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63305 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63322 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63306 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63788 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63823 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63815 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00454 |
| scoring_system |
epss |
| scoring_elements |
0.63772 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-0725 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2025-0725.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/ |
|
|
| url |
https://curl.se/docs/CVE-2025-0725.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.12.0 |
| purl |
pkg:generic/curl.se/curl@8.12.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 4 |
| vulnerability |
VCID-9mjz-apkm-g7h1 |
|
| 5 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 6 |
| vulnerability |
VCID-ksap-zrmb-ebcu |
|
| 7 |
| vulnerability |
VCID-kt4b-7ffh-4bch |
|
| 8 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 9 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 10 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 11 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 12 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0 |
|
|
| aliases |
CVE-2025-0725
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6we4-n888-6qhe |
|
| 8 |
| url |
VCID-75nw-4e2d-zqgg |
| vulnerability_id |
VCID-75nw-4e2d-zqgg |
| summary |
curl: libcurl: ASN.1 date parser overread |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7264 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00796 |
| scoring_system |
epss |
| scoring_elements |
0.73947 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00796 |
| scoring_system |
epss |
| scoring_elements |
0.73978 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00796 |
| scoring_system |
epss |
| scoring_elements |
0.73943 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00796 |
| scoring_system |
epss |
| scoring_elements |
0.73973 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75437 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75409 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75429 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75407 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75396 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7264 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://curl.se/docs/CVE-2024-7264.html |
| reference_id |
CVE-2024-7264.html |
| reference_type |
|
| scores |
| 0 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-7264.html |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.9.1 |
| purl |
pkg:generic/curl.se/curl@8.9.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 5 |
| vulnerability |
VCID-9mjz-apkm-g7h1 |
|
| 6 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 7 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 8 |
| vulnerability |
VCID-kt4b-7ffh-4bch |
|
| 9 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 10 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 11 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 12 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 13 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 14 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 15 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 16 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.9.1 |
|
|
| aliases |
CVE-2024-7264
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-75nw-4e2d-zqgg |
|
| 9 |
| url |
VCID-7srk-hshe-h3f4 |
| vulnerability_id |
VCID-7srk-hshe-h3f4 |
| summary |
Improper Authentication
An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27538 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03579 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03588 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03622 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.036 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03599 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03574 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05545 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05601 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05595 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27538 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 7 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 8 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 9 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 10 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 11 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 12 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 13 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 14 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 15 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 16 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 17 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 18 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 19 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 20 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 21 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 22 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 23 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 24 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 25 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27538
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
6.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7srk-hshe-h3f4 |
|
| 10 |
| url |
VCID-8zks-th64-33b8 |
| vulnerability_id |
VCID-8zks-th64-33b8 |
| summary |
curl: curl: Unauthorized access due to improper HTTP proxy connection reuse |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-3784 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03044 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03051 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03081 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03056 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03053 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03037 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03659 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03709 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03683 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-3784 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2026-3784.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/ |
|
|
| url |
https://curl.se/docs/CVE-2026-3784.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-3784
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8zks-th64-33b8 |
|
| 11 |
| url |
VCID-9ggp-5wfj-ufcq |
| vulnerability_id |
VCID-9ggp-5wfj-ufcq |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43552 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42409 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42428 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42458 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42397 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42447 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42455 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42477 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.4244 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43552 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.87.0 |
| purl |
pkg:generic/curl.se/curl@7.87.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 3 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 4 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 5 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 6 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 7 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 8 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 9 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 10 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 11 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 12 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 13 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 14 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 15 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 16 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 17 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 18 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 19 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 20 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 21 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 22 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 23 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 24 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 25 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 26 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 27 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 28 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 29 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 30 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 31 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 32 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 33 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0 |
|
|
| aliases |
CVE-2022-43552
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ggp-5wfj-ufcq |
|
| 12 |
| url |
VCID-9nak-pscy-e7gs |
| vulnerability_id |
VCID-9nak-pscy-e7gs |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32221 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01681 |
| scoring_system |
epss |
| scoring_elements |
0.82218 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.01681 |
| scoring_system |
epss |
| scoring_elements |
0.82185 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.01681 |
| scoring_system |
epss |
| scoring_elements |
0.82179 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.02591 |
| scoring_system |
epss |
| scoring_elements |
0.8553 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.02591 |
| scoring_system |
epss |
| scoring_elements |
0.85547 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.02753 |
| scoring_system |
epss |
| scoring_elements |
0.85998 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02753 |
| scoring_system |
epss |
| scoring_elements |
0.86012 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02753 |
| scoring_system |
epss |
| scoring_elements |
0.85988 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.02753 |
| scoring_system |
epss |
| scoring_elements |
0.85969 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32221 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.86.0 |
| purl |
pkg:generic/curl.se/curl@7.86.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 3 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 4 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 5 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 6 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 7 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 8 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 9 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 10 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 11 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 12 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 13 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 14 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 15 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 16 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 17 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 18 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 19 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 20 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 21 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 22 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 23 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 24 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 25 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 26 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 27 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 28 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 29 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 30 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 31 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 32 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 33 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 34 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0 |
|
|
| aliases |
CVE-2022-32221
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9nak-pscy-e7gs |
|
| 13 |
| url |
VCID-arjz-67yz-wkg9 |
| vulnerability_id |
VCID-arjz-67yz-wkg9 |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27533 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40463 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40439 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40465 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40389 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.4044 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40451 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40472 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40434 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40415 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27533 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 7 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 8 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 9 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 10 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 11 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 12 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 13 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 14 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 15 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 16 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 17 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 18 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 19 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 20 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 21 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 22 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 23 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 24 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 25 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27533
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-arjz-67yz-wkg9 |
|
| 14 |
| url |
VCID-bb2f-7qrm-1kca |
| vulnerability_id |
VCID-bb2f-7qrm-1kca |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27781 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23006 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23085 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23049 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.22992 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23104 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23149 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.2294 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23013 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23066 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27781 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.1 |
| purl |
pkg:generic/curl.se/curl@7.83.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 2 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 3 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 4 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 5 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 6 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 7 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 8 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 9 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 10 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 11 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 12 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 13 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 14 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 15 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 16 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 17 |
| vulnerability |
VCID-gv7x-j8bz-wycc |
|
| 18 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 19 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 20 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 21 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 22 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 23 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 24 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 25 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 26 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 27 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 28 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 29 |
| vulnerability |
VCID-t1fk-cbsx-j3gh |
|
| 30 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 31 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 32 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 33 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 34 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 35 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 36 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 37 |
| vulnerability |
VCID-xzay-sjpy-3yce |
|
| 38 |
| vulnerability |
VCID-y4x5-n5m2-x7bq |
|
| 39 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1 |
|
|
| aliases |
CVE-2022-27781
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bb2f-7qrm-1kca |
|
| 15 |
| url |
VCID-cbah-e86c-w3fj |
| vulnerability_id |
VCID-cbah-e86c-w3fj |
| summary |
Improper Authentication
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27535 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20226 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20386 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20446 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.2017 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20251 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20311 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20295 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00065 |
| scoring_system |
epss |
| scoring_elements |
0.20236 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27535 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 7 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 8 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 9 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 10 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 11 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 12 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 13 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 14 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 15 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 16 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 17 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 18 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 19 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 20 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 21 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 22 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 23 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 24 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 25 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27535
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cbah-e86c-w3fj |
|
| 16 |
| url |
VCID-ddgz-rczw-jqfw |
| vulnerability_id |
VCID-ddgz-rczw-jqfw |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28320 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67581 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67504 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67526 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67556 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.6757 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67592 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67579 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67546 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28320 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.1.0 |
| purl |
pkg:generic/curl.se/curl@8.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 5 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 6 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 7 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 8 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 9 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 10 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 11 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 12 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 13 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 14 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 15 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 16 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 17 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 18 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 19 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 20 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 21 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0 |
|
|
| aliases |
CVE-2023-28320
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ddgz-rczw-jqfw |
|
| 17 |
| url |
VCID-ej47-4dcu-5fhy |
| vulnerability_id |
VCID-ej47-4dcu-5fhy |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42915 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64442 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64436 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64407 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70143 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70128 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00812 |
| scoring_system |
epss |
| scoring_elements |
0.74272 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00812 |
| scoring_system |
epss |
| scoring_elements |
0.7425 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00812 |
| scoring_system |
epss |
| scoring_elements |
0.74235 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00812 |
| scoring_system |
epss |
| scoring_elements |
0.74203 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42915 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.86.0 |
| purl |
pkg:generic/curl.se/curl@7.86.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 3 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 4 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 5 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 6 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 7 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 8 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 9 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 10 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 11 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 12 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 13 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 14 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 15 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 16 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 17 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 18 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 19 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 20 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 21 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 22 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 23 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 24 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 25 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 26 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 27 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 28 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 29 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 30 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 31 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 32 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 33 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 34 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0 |
|
|
| aliases |
CVE-2022-42915
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ej47-4dcu-5fhy |
|
| 18 |
| url |
VCID-etzn-uhck-h7b2 |
| vulnerability_id |
VCID-etzn-uhck-h7b2 |
| summary |
curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-3783 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.035 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03509 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03544 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03521 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.0352 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03496 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04144 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.042 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04175 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-3783 |
|
| 2 |
| reference_url |
https://curl.se/docs/CVE-2026-3783.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/ |
|
|
| url |
https://curl.se/docs/CVE-2026-3783.html |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-3783
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-etzn-uhck-h7b2 |
|
| 19 |
| url |
VCID-gnx2-djyk-uyaf |
| vulnerability_id |
VCID-gnx2-djyk-uyaf |
| summary |
Cookie injection with none file
This flaw allows an attacker to insert cookies at will into a running program
using libcurl, if the specific series of conditions are met.
libcurl performs transfers. In its API, an application creates "easy handles"
that are the individual handles for single transfers.
libcurl provides a function call that duplicates en easy handle called
[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).
If a transfer has cookies enabled when the handle is duplicated, the
cookie-enable state is also cloned - but without cloning the actual
cookies. If the source handle does not read any cookies from a specific file on
disk, the cloned version of the handle would instead store the file name as
`none` (using the four ASCII letters, no quotes).
Subsequent use of the cloned handle that does not explicitly set a source to
load cookies from would then inadvertently load cookies from a file named
`none` - if such a file exists and is readable in the current directory of the
program using libcurl. And if using the correct file format of course. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38546 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49036 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48964 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48991 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48944 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48998 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48995 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49012 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48985 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38546 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.4.0 |
| purl |
pkg:generic/curl.se/curl@8.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 5 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 6 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 7 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 8 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 9 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 10 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 11 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 12 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 13 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 14 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 15 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 16 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 17 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 18 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0 |
|
|
| aliases |
CVE-2023-38546
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gnx2-djyk-uyaf |
|
| 20 |
| url |
VCID-gv7x-j8bz-wycc |
| vulnerability_id |
VCID-gv7x-j8bz-wycc |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32207 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42654 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42604 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42633 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42572 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42624 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42635 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42658 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42622 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42594 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32207 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.84.0 |
| purl |
pkg:generic/curl.se/curl@7.84.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 2 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 3 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 4 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 5 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 6 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 7 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 8 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 9 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 10 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 11 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 12 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 13 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 14 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 15 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 16 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 17 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 18 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 19 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 20 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 21 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 22 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 23 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 24 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 25 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 26 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 27 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 28 |
| vulnerability |
VCID-rg54-svzj-x7f9 |
|
| 29 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 30 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 31 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 32 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 33 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 34 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 35 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 36 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 37 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 38 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0 |
|
|
| aliases |
CVE-2022-32207
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gv7x-j8bz-wycc |
|
| 21 |
| url |
VCID-hrsy-694u-2fec |
| vulnerability_id |
VCID-hrsy-694u-2fec |
| summary |
curl: OCSP stapling bypass with GnuTLS |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8096 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66629 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66562 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66587 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66559 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66606 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.6662 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66638 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66626 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00515 |
| scoring_system |
epss |
| scoring_elements |
0.66593 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8096 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://curl.se/docs/CVE-2024-8096.html |
| reference_id |
CVE-2024-8096.html |
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-8096.html |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.10.0 |
| purl |
pkg:generic/curl.se/curl@8.10.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 5 |
| vulnerability |
VCID-9mjz-apkm-g7h1 |
|
| 6 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 7 |
| vulnerability |
VCID-kt4b-7ffh-4bch |
|
| 8 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 9 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 10 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 11 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 12 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 13 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 14 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 15 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.10.0 |
|
|
| aliases |
CVE-2024-8096
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hrsy-694u-2fec |
|
| 22 |
| url |
VCID-mkyr-w79c-qqfz |
| vulnerability_id |
VCID-mkyr-w79c-qqfz |
| summary |
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14017 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00579 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00593 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00595 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00587 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00586 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00582 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.00583 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
7e-05 |
| scoring_system |
epss |
| scoring_elements |
0.006 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14017 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-14017
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyr-w79c-qqfz |
|
| 23 |
| url |
VCID-ms2r-94ph-yyh3 |
| vulnerability_id |
VCID-ms2r-94ph-yyh3 |
| summary |
Improper Authentication
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27536 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.01282 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.01285 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.0129 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.01301 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.01306 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.0131 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.01294 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.01288 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00011 |
| scoring_system |
epss |
| scoring_elements |
0.01291 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27536 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 7 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 8 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 9 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 10 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 11 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 12 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 13 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 14 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 15 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 16 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 17 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 18 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 19 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 20 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 21 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 22 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 23 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 24 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 25 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27536
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ms2r-94ph-yyh3 |
|
| 24 |
| url |
VCID-n57n-cymy-z7dr |
| vulnerability_id |
VCID-n57n-cymy-z7dr |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23916 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25909 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.2607 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.2611 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25878 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25948 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25999 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.26009 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25964 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25905 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23916 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.88.0 |
| purl |
pkg:generic/curl.se/curl@7.88.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 7 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 8 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 9 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 10 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 11 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 12 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 13 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 14 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 15 |
| vulnerability |
VCID-ke81-x2ze-rbc5 |
|
| 16 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 17 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 18 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 19 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 20 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 21 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 22 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 23 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 24 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 25 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 26 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 27 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 28 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 29 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 30 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 31 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0 |
|
|
| aliases |
CVE-2023-23916
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n57n-cymy-z7dr |
|
| 25 |
| url |
VCID-nvzd-v3bs-6qek |
| vulnerability_id |
VCID-nvzd-v3bs-6qek |
| summary |
When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-15079 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10292 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10237 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10359 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.1026 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10333 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10399 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10428 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10388 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10366 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-15079 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-15079
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nvzd-v3bs-6qek |
|
| 26 |
| url |
VCID-pwn6-j8vf-rufk |
| vulnerability_id |
VCID-pwn6-j8vf-rufk |
| summary |
curl: HSTS subdomain overwrites parent cache entry |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9681 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72605 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72522 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72539 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72515 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72554 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72566 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.7259 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72572 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72562 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9681 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://curl.se/docs/CVE-2024-9681.html |
| reference_id |
CVE-2024-9681.html |
| reference_type |
|
| scores |
| 0 |
| value |
5.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-9681.html |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.11.0 |
| purl |
pkg:generic/curl.se/curl@8.11.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 5 |
| vulnerability |
VCID-9mjz-apkm-g7h1 |
|
| 6 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 7 |
| vulnerability |
VCID-ksap-zrmb-ebcu |
|
| 8 |
| vulnerability |
VCID-kt4b-7ffh-4bch |
|
| 9 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 10 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 11 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 12 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 13 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 14 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 15 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.11.0 |
|
|
| aliases |
CVE-2024-9681
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pwn6-j8vf-rufk |
|
| 27 |
| url |
VCID-q229-ag6u-u3hv |
| vulnerability_id |
VCID-q229-ag6u-u3hv |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22576 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50585 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50613 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56699 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.5669 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56669 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.57955 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.5801 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58012 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58028 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22576 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.0 |
| purl |
pkg:generic/curl.se/curl@7.83.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k8f-qgcv-xkhb |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 3 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 4 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 5 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 6 |
| vulnerability |
VCID-6ge5-86tg-dydf |
|
| 7 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 8 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 9 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 10 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 11 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 12 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 13 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 14 |
| vulnerability |
VCID-bb2f-7qrm-1kca |
|
| 15 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 16 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 17 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 18 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 19 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 20 |
| vulnerability |
VCID-gv7x-j8bz-wycc |
|
| 21 |
| vulnerability |
VCID-hjkx-6yep-mkde |
|
| 22 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 23 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 24 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 25 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 26 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 27 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 28 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 29 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 30 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 31 |
| vulnerability |
VCID-rhxh-77pj-1bfy |
|
| 32 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 33 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 34 |
| vulnerability |
VCID-t1fk-cbsx-j3gh |
|
| 35 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 36 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 37 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 38 |
| vulnerability |
VCID-v9n1-d6xt-6ubn |
|
| 39 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 40 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 41 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 42 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 43 |
| vulnerability |
VCID-xzay-sjpy-3yce |
|
| 44 |
| vulnerability |
VCID-y4x5-n5m2-x7bq |
|
| 45 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0 |
|
|
| aliases |
CVE-2022-22576
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q229-ag6u-u3hv |
|
| 28 |
| url |
VCID-qdcn-2u3v-b3cv |
| vulnerability_id |
VCID-qdcn-2u3v-b3cv |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-46218 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60632 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60627 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60612 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60591 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62608 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62656 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62672 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62606 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62641 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-46218 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.5.0 |
| purl |
pkg:generic/curl.se/curl@8.5.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-2vwu-y316-gbb2 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 7 |
| vulnerability |
VCID-b69q-9yrr-myf7 |
|
| 8 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 9 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 10 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 11 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 12 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 13 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 14 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 15 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 16 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 17 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 18 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 19 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.5.0 |
|
|
| aliases |
CVE-2023-46218
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcn-2u3v-b3cv |
|
| 29 |
| url |
VCID-qpux-jh6k-8qhx |
| vulnerability_id |
VCID-qpux-jh6k-8qhx |
| summary |
curl: Curl missing SFTP host verification with wolfSSH backend |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-10966 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00018 |
| scoring_system |
epss |
| scoring_elements |
0.04624 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05191 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05467 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05252 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05288 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05309 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05274 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.0526 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05246 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-10966 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-10966
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qpux-jh6k-8qhx |
|
| 30 |
| url |
VCID-r7bh-7wur-xffs |
| vulnerability_id |
VCID-r7bh-7wur-xffs |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27776 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71649 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71574 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71592 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71565 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71605 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71616 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71639 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71623 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00682 |
| scoring_system |
epss |
| scoring_elements |
0.71604 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27776 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.0 |
| purl |
pkg:generic/curl.se/curl@7.83.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k8f-qgcv-xkhb |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 3 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 4 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 5 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 6 |
| vulnerability |
VCID-6ge5-86tg-dydf |
|
| 7 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 8 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 9 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 10 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 11 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 12 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 13 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 14 |
| vulnerability |
VCID-bb2f-7qrm-1kca |
|
| 15 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 16 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 17 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 18 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 19 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 20 |
| vulnerability |
VCID-gv7x-j8bz-wycc |
|
| 21 |
| vulnerability |
VCID-hjkx-6yep-mkde |
|
| 22 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 23 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 24 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 25 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 26 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 27 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 28 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 29 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 30 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 31 |
| vulnerability |
VCID-rhxh-77pj-1bfy |
|
| 32 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 33 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 34 |
| vulnerability |
VCID-t1fk-cbsx-j3gh |
|
| 35 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 36 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 37 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 38 |
| vulnerability |
VCID-v9n1-d6xt-6ubn |
|
| 39 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 40 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 41 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 42 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 43 |
| vulnerability |
VCID-xzay-sjpy-3yce |
|
| 44 |
| vulnerability |
VCID-y4x5-n5m2-x7bq |
|
| 45 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0 |
|
|
| aliases |
CVE-2022-27776
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r7bh-7wur-xffs |
|
| 31 |
| url |
VCID-s73y-y7v7-43cm |
| vulnerability_id |
VCID-s73y-y7v7-43cm |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28322 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70331 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70238 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70255 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70232 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70278 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70294 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70317 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70302 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00631 |
| scoring_system |
epss |
| scoring_elements |
0.70289 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28322 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.1.0 |
| purl |
pkg:generic/curl.se/curl@8.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 5 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 6 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 7 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 8 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 9 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 10 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 11 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 12 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 13 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 14 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 15 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 16 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 17 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 18 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 19 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 20 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 21 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0 |
|
|
| aliases |
CVE-2023-28322
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s73y-y7v7-43cm |
|
| 32 |
| url |
VCID-syz5-5y6f-s7er |
| vulnerability_id |
VCID-syz5-5y6f-s7er |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27534 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19882 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19963 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19904 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.20068 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.20126 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19854 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19933 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19988 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.20007 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-27534 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.0.0 |
| purl |
pkg:generic/curl.se/curl@8.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 6 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 7 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 8 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 9 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 10 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 11 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 12 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 13 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 14 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 15 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 16 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 17 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 18 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 19 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 20 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 21 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 22 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 23 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 24 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 25 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0 |
|
|
| aliases |
CVE-2023-27534
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-syz5-5y6f-s7er |
|
| 33 |
| url |
VCID-t1fk-cbsx-j3gh |
| vulnerability_id |
VCID-t1fk-cbsx-j3gh |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32205 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85604 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85522 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85539 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85544 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85564 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85575 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85589 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85586 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02588 |
| scoring_system |
epss |
| scoring_elements |
0.85581 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32205 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.84.0 |
| purl |
pkg:generic/curl.se/curl@7.84.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 2 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 3 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 4 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 5 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 6 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 7 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 8 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 9 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 10 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 11 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 12 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 13 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 14 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 15 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 16 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 17 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 18 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 19 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 20 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 21 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 22 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 23 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 24 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 25 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 26 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 27 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 28 |
| vulnerability |
VCID-rg54-svzj-x7f9 |
|
| 29 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 30 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 31 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 32 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 33 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 34 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 35 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 36 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 37 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 38 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0 |
|
|
| aliases |
CVE-2022-32205
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t1fk-cbsx-j3gh |
|
| 34 |
| url |
VCID-t8t6-9wa3-aub7 |
| vulnerability_id |
VCID-t8t6-9wa3-aub7 |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27775 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35947 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.3597 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35931 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35907 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.36026 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.36057 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.3589 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.3594 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35964 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-27775 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.83.0 |
| purl |
pkg:generic/curl.se/curl@7.83.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k8f-qgcv-xkhb |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 3 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 4 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 5 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 6 |
| vulnerability |
VCID-6ge5-86tg-dydf |
|
| 7 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 8 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 9 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 10 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 11 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 12 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 13 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 14 |
| vulnerability |
VCID-bb2f-7qrm-1kca |
|
| 15 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 16 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 17 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 18 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 19 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 20 |
| vulnerability |
VCID-gv7x-j8bz-wycc |
|
| 21 |
| vulnerability |
VCID-hjkx-6yep-mkde |
|
| 22 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 23 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 24 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 25 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 26 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 27 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 28 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 29 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 30 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 31 |
| vulnerability |
VCID-rhxh-77pj-1bfy |
|
| 32 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 33 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 34 |
| vulnerability |
VCID-t1fk-cbsx-j3gh |
|
| 35 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 36 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 37 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 38 |
| vulnerability |
VCID-v9n1-d6xt-6ubn |
|
| 39 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 40 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 41 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 42 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 43 |
| vulnerability |
VCID-xzay-sjpy-3yce |
|
| 44 |
| vulnerability |
VCID-y4x5-n5m2-x7bq |
|
| 45 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0 |
|
|
| aliases |
CVE-2022-27775
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t8t6-9wa3-aub7 |
|
| 35 |
| url |
VCID-t9p4-2x7v-yfaq |
| vulnerability_id |
VCID-t9p4-2x7v-yfaq |
| summary |
|
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-0167 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00331 |
| scoring_system |
epss |
| scoring_elements |
0.56103 |
| published_at |
2026-04-09T12:55:00Z |
|
| 1 |
| value |
0.00331 |
| scoring_system |
epss |
| scoring_elements |
0.56114 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00331 |
| scoring_system |
epss |
| scoring_elements |
0.56109 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00331 |
| scoring_system |
epss |
| scoring_elements |
0.56074 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00331 |
| scoring_system |
epss |
| scoring_elements |
0.56091 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00341 |
| scoring_system |
epss |
| scoring_elements |
0.56786 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00341 |
| scoring_system |
epss |
| scoring_elements |
0.56789 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00341 |
| scoring_system |
epss |
| scoring_elements |
0.5681 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00341 |
| scoring_system |
epss |
| scoring_elements |
0.56838 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-0167 |
|
| 1 |
| reference_url |
https://curl.se/docs/CVE-2025-0167.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/ |
|
|
| url |
https://curl.se/docs/CVE-2025-0167.html |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.12.0 |
| purl |
pkg:generic/curl.se/curl@8.12.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 4 |
| vulnerability |
VCID-9mjz-apkm-g7h1 |
|
| 5 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 6 |
| vulnerability |
VCID-ksap-zrmb-ebcu |
|
| 7 |
| vulnerability |
VCID-kt4b-7ffh-4bch |
|
| 8 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 9 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 10 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 11 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 12 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0 |
|
|
| aliases |
CVE-2025-0167
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t9p4-2x7v-yfaq |
|
| 36 |
| url |
VCID-tcqe-7skm-b3fz |
| vulnerability_id |
VCID-tcqe-7skm-b3fz |
| summary |
Out-of-bounds Write
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked to pass along the host name to the SOCKS5 proxy to allow
that to resolve the address instead of it getting done by curl itself, the
maximum length that host name can be is 255 bytes.
If the host name is detected to be longer, curl switches to local name
resolving and instead passes on the resolved address only. Due to this bug,
the local variable that means "let the host resolve the name" could get the
wrong value during a slow SOCKS5 handshake, and contrary to the intention,
copy the too long host name to the target buffer instead of copying just the
resolved address there.
The target buffer being a heap based buffer, and the host name coming from the
URL that curl has been told to operate with. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38545 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.2625 |
| scoring_system |
epss |
| scoring_elements |
0.96312 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.2625 |
| scoring_system |
epss |
| scoring_elements |
0.96278 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.2625 |
| scoring_system |
epss |
| scoring_elements |
0.96283 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.2625 |
| scoring_system |
epss |
| scoring_elements |
0.96292 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.2625 |
| scoring_system |
epss |
| scoring_elements |
0.96295 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.2625 |
| scoring_system |
epss |
| scoring_elements |
0.963 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.2625 |
| scoring_system |
epss |
| scoring_elements |
0.96303 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.26747 |
| scoring_system |
epss |
| scoring_elements |
0.96315 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38545 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
| reference_url |
https://curl.se/docs/CVE-2023-38545.html |
| reference_id |
CVE-2023-38545.HTML |
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
High |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/ |
|
|
| url |
https://curl.se/docs/CVE-2023-38545.html |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.4.0 |
| purl |
pkg:generic/curl.se/curl@8.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 5 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 6 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 7 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 8 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 9 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 10 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 11 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 12 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 13 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 14 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 15 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 16 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 17 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 18 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0 |
|
|
| aliases |
CVE-2023-38545
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tcqe-7skm-b3fz |
|
| 37 |
| url |
VCID-u4bx-xqb3-vuef |
| vulnerability_id |
VCID-u4bx-xqb3-vuef |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-2398 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83544 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83457 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83472 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.8347 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83495 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83504 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83519 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83512 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01962 |
| scoring_system |
epss |
| scoring_elements |
0.83509 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-2398 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
| reference_url |
https://curl.se/docs/CVE-2024-2398.html |
| reference_id |
CVE-2024-2398.html |
| reference_type |
|
| scores |
| 0 |
| value |
8.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
|
| 1 |
| value |
Medium |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-2398.html |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.7.0 |
| purl |
pkg:generic/curl.se/curl@8.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 2 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 3 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 4 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 5 |
| vulnerability |
VCID-8m6a-ej6a-g3df |
|
| 6 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 7 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 8 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 9 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 10 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 11 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 12 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 13 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 14 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 15 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 16 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.0 |
|
|
| aliases |
CVE-2024-2398
|
| risk_score |
3.9 |
| exploitability |
0.5 |
| weighted_severity |
7.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u4bx-xqb3-vuef |
|
| 38 |
| url |
VCID-vbbv-k1r7-kkas |
| vulnerability_id |
VCID-vbbv-k1r7-kkas |
| summary |
When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-15224 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24629 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24485 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24667 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24442 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.2451 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24554 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.2457 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.24526 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00084 |
| scoring_system |
epss |
| scoring_elements |
0.2447 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-15224 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-15224
|
| risk_score |
2.1 |
| exploitability |
0.5 |
| weighted_severity |
4.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vbbv-k1r7-kkas |
|
| 39 |
| url |
VCID-wgma-bycg-1qb1 |
| vulnerability_id |
VCID-wgma-bycg-1qb1 |
| summary |
curl: curl netrc password leak |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11053 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76402 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76306 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76336 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76315 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76348 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76362 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76388 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76366 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00949 |
| scoring_system |
epss |
| scoring_elements |
0.76361 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11053 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://curl.se/docs/CVE-2024-11053.html |
| reference_id |
CVE-2024-11053.html |
| reference_type |
|
| scores |
| 0 |
| value |
3.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N |
|
| 1 |
| value |
Low |
| scoring_system |
cvssv3.1 |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/ |
|
|
| url |
https://curl.se/docs/CVE-2024-11053.html |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@8.11.1 |
| purl |
pkg:generic/curl.se/curl@8.11.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-176a-agbw-hqdy |
|
| 1 |
| vulnerability |
VCID-26p8-15d6-kbb1 |
|
| 2 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 3 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 4 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 5 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 6 |
| vulnerability |
VCID-9mjz-apkm-g7h1 |
|
| 7 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 8 |
| vulnerability |
VCID-ksap-zrmb-ebcu |
|
| 9 |
| vulnerability |
VCID-kt4b-7ffh-4bch |
|
| 10 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 11 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 12 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 13 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 14 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 15 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.11.1 |
|
|
| aliases |
CVE-2024-11053
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wgma-bycg-1qb1 |
|
| 40 |
| url |
VCID-x57x-w8g8-7ybz |
| vulnerability_id |
VCID-x57x-w8g8-7ybz |
| summary |
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14524 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07128 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.0715 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07177 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07151 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07206 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07237 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07234 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07222 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00026 |
| scoring_system |
epss |
| scoring_elements |
0.07212 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14524 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-14524
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x57x-w8g8-7ybz |
|
| 41 |
| url |
VCID-xpss-yndr-mycj |
| vulnerability_id |
VCID-xpss-yndr-mycj |
| summary |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43551 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.1269 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12923 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12972 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12773 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12852 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12902 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12868 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12831 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12786 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43551 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.87.0 |
| purl |
pkg:generic/curl.se/curl@7.87.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 3 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 4 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 5 |
| vulnerability |
VCID-5xp7-mcsa-uqd4 |
|
| 6 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 7 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 8 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 9 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 10 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 11 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 12 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 13 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 14 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 15 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 16 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 17 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 18 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 19 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 20 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 21 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 22 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 23 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 24 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 25 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 26 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 27 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 28 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 29 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 30 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 31 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 32 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 33 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0 |
|
|
| aliases |
CVE-2022-43551
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xpss-yndr-mycj |
|
| 42 |
| url |
VCID-xzay-sjpy-3yce |
| vulnerability_id |
VCID-xzay-sjpy-3yce |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32206 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.892 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89143 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89158 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89161 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89178 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89183 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89193 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89189 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.04546 |
| scoring_system |
epss |
| scoring_elements |
0.89187 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32206 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.84.0 |
| purl |
pkg:generic/curl.se/curl@7.84.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 2 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 3 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 4 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 5 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 6 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 7 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 8 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 9 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 10 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 11 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 12 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 13 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 14 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 15 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 16 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 17 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 18 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 19 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 20 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 21 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 22 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 23 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 24 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 25 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 26 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 27 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 28 |
| vulnerability |
VCID-rg54-svzj-x7f9 |
|
| 29 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 30 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 31 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 32 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 33 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 34 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 35 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 36 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 37 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 38 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0 |
|
|
| aliases |
CVE-2022-32206
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xzay-sjpy-3yce |
|
| 43 |
| url |
VCID-y4x5-n5m2-x7bq |
| vulnerability_id |
VCID-y4x5-n5m2-x7bq |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32208 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37884 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37916 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37942 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37819 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.3787 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37883 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37898 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37862 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37837 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32208 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.84.0 |
| purl |
pkg:generic/curl.se/curl@7.84.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-2xmp-jc8v-bucb |
|
| 2 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 3 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 4 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 5 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 6 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 7 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 8 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 9 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 10 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 11 |
| vulnerability |
VCID-9nak-pscy-e7gs |
|
| 12 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 13 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 14 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 15 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 16 |
| vulnerability |
VCID-ej47-4dcu-5fhy |
|
| 17 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 18 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 19 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 20 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 21 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 22 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 23 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 24 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 25 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 26 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 27 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 28 |
| vulnerability |
VCID-rg54-svzj-x7f9 |
|
| 29 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 30 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 31 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 32 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 33 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 34 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 35 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 36 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 37 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
| 38 |
| vulnerability |
VCID-yaas-j3qk-kfdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0 |
|
|
| aliases |
CVE-2022-32208
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y4x5-n5m2-x7bq |
|
| 44 |
| url |
VCID-yaas-j3qk-kfdg |
| vulnerability_id |
VCID-yaas-j3qk-kfdg |
| summary |
Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42916 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.25964 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.25934 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26002 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26053 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26063 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26017 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.25958 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00121 |
| scoring_system |
epss |
| scoring_elements |
0.31202 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00121 |
| scoring_system |
epss |
| scoring_elements |
0.31155 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42916 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:generic/curl.se/curl@7.86.0 |
| purl |
pkg:generic/curl.se/curl@7.86.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cx5-1qnw-uufj |
|
| 1 |
| vulnerability |
VCID-47qb-2qkw-1qej |
|
| 2 |
| vulnerability |
VCID-4e1k-7bj9-hfch |
|
| 3 |
| vulnerability |
VCID-4gze-cwtp-2bgr |
|
| 4 |
| vulnerability |
VCID-4seq-hvbx-7fg8 |
|
| 5 |
| vulnerability |
VCID-6we4-n888-6qhe |
|
| 6 |
| vulnerability |
VCID-75nw-4e2d-zqgg |
|
| 7 |
| vulnerability |
VCID-7srk-hshe-h3f4 |
|
| 8 |
| vulnerability |
VCID-8zks-th64-33b8 |
|
| 9 |
| vulnerability |
VCID-9ggp-5wfj-ufcq |
|
| 10 |
| vulnerability |
VCID-arjz-67yz-wkg9 |
|
| 11 |
| vulnerability |
VCID-bz4u-6rft-s3a8 |
|
| 12 |
| vulnerability |
VCID-cbah-e86c-w3fj |
|
| 13 |
| vulnerability |
VCID-ddgz-rczw-jqfw |
|
| 14 |
| vulnerability |
VCID-etzn-uhck-h7b2 |
|
| 15 |
| vulnerability |
VCID-gnx2-djyk-uyaf |
|
| 16 |
| vulnerability |
VCID-hrsy-694u-2fec |
|
| 17 |
| vulnerability |
VCID-m15r-v9sr-2bbn |
|
| 18 |
| vulnerability |
VCID-mkyr-w79c-qqfz |
|
| 19 |
| vulnerability |
VCID-ms2r-94ph-yyh3 |
|
| 20 |
| vulnerability |
VCID-n57n-cymy-z7dr |
|
| 21 |
| vulnerability |
VCID-nvzd-v3bs-6qek |
|
| 22 |
| vulnerability |
VCID-pwn6-j8vf-rufk |
|
| 23 |
| vulnerability |
VCID-qdcn-2u3v-b3cv |
|
| 24 |
| vulnerability |
VCID-qpux-jh6k-8qhx |
|
| 25 |
| vulnerability |
VCID-s73y-y7v7-43cm |
|
| 26 |
| vulnerability |
VCID-syz5-5y6f-s7er |
|
| 27 |
| vulnerability |
VCID-t9p4-2x7v-yfaq |
|
| 28 |
| vulnerability |
VCID-tcqe-7skm-b3fz |
|
| 29 |
| vulnerability |
VCID-tha5-fv3w-sub6 |
|
| 30 |
| vulnerability |
VCID-u4bx-xqb3-vuef |
|
| 31 |
| vulnerability |
VCID-vbbv-k1r7-kkas |
|
| 32 |
| vulnerability |
VCID-wgma-bycg-1qb1 |
|
| 33 |
| vulnerability |
VCID-x57x-w8g8-7ybz |
|
| 34 |
| vulnerability |
VCID-xpss-yndr-mycj |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0 |
|
|
| aliases |
CVE-2022-42916
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yaas-j3qk-kfdg |
|