VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/374608?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/374608?format=api",
    "purl": "pkg:alpm/archlinux/libcurl-gnutls@7.52.1-1",
    "type": "alpm",
    "namespace": "archlinux",
    "name": "libcurl-gnutls",
    "version": "7.52.1-1",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "7.53.0-1",
    "latest_non_vulnerable_version": "7.79.0-1",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49716?format=api",
            "vulnerability_id": "VCID-36n6-qanf-nue8",
            "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow attackers to bypass intended restrictions.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7468.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7468.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7468",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65949",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66062",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65991",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66019",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65986",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66036",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66048",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66067",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66054",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66024",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66059",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00502",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66073",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7468"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7468",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7468"
                },
                {
                    "reference_url": "https://curl.haxx.se/docs/adv_20170419.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://curl.haxx.se/docs/adv_20170419.html"
                },
                {
                    "reference_url": "https://curl.se/docs/CVE-2017-7468.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://curl.se/docs/CVE-2017-7468.html"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/97962",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/97962"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id/1038341",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id/1038341"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443381",
                    "reference_id": "1443381",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443381"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201704-12",
                    "reference_id": "ASA-201704-12",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201704-12"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-180",
                    "reference_id": "AVG-180",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-180"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-181",
                    "reference_id": "AVG-181",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-181"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-183",
                    "reference_id": "AVG-183",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-183"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-184",
                    "reference_id": "AVG-184",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-184"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-241",
                    "reference_id": "AVG-241",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-241"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-243",
                    "reference_id": "AVG-243",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-243"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468",
                    "reference_id": "CVE-2017-7468",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.0",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
                        },
                        {
                            "value": "4.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201709-14",
                    "reference_id": "GLSA-201709-14",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201709-14"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3262-1/",
                    "reference_id": "USN-3262-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3262-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/374609?format=api",
                    "purl": "pkg:alpm/archlinux/libcurl-gnutls@7.53.0-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-gnutls@7.53.0-1"
                }
            ],
            "aliases": [
                "CVE-2017-7468"
            ],
            "risk_score": 3.4,
            "exploitability": "0.5",
            "weighted_severity": "6.8",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36n6-qanf-nue8"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49766?format=api",
            "vulnerability_id": "VCID-q3hu-8uy5-e3a4",
            "summary": "A coding error has been found in cURL, causing the TLS Certificate\n    Status Request extension check to always return true.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2629.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2629.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2629",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58261",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5839",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5834",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58393",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58399",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58416",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58395",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58376",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58408",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58413",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58346",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00363",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58366",
                            "published_at": "2026-04-04T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2629"
                },
                {
                    "reference_url": "https://curl.se/docs/CVE-2017-2629.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://curl.se/docs/CVE-2017-2629.html"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425746",
                    "reference_id": "1425746",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425746"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201703-1",
                    "reference_id": "ASA-201703-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201703-1"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-179",
                    "reference_id": "AVG-179",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Low",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-179"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-180",
                    "reference_id": "AVG-180",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-180"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-181",
                    "reference_id": "AVG-181",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-181"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-182",
                    "reference_id": "AVG-182",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Low",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-182"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-183",
                    "reference_id": "AVG-183",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-183"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-184",
                    "reference_id": "AVG-184",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-184"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201703-04",
                    "reference_id": "GLSA-201703-04",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201703-04"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/374609?format=api",
                    "purl": "pkg:alpm/archlinux/libcurl-gnutls@7.53.0-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-gnutls@7.53.0-1"
                }
            ],
            "aliases": [
                "CVE-2017-2629"
            ],
            "risk_score": 3.1,
            "exploitability": "0.5",
            "weighted_severity": "6.2",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q3hu-8uy5-e3a4"
        }
    ],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34707?format=api",
            "vulnerability_id": "VCID-fnj3-2du1-4bhx",
            "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://access.redhat.com/errata/RHSA-2018:3558"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75596",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75548",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75492",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75582",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75557",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75494",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75525",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75506",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7559",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00891",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75578",
                            "published_at": "2026-04-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586"
                },
                {
                    "reference_url": "https://curl.haxx.se/docs/adv_20161221A.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://curl.haxx.se/docs/adv_20161221A.html"
                },
                {
                    "reference_url": "https://curl.se/docs/CVE-2016-9586.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://curl.se/docs/CVE-2016-9586.html"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.2",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:L/AC:H/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16"
                },
                {
                    "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
                },
                {
                    "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/95019",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "http://www.securityfocus.com/bid/95019"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id/1037515",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "http://www.securitytracker.com/id/1037515"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712",
                    "reference_id": "1406712",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958",
                    "reference_id": "848958",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201612-22",
                    "reference_id": "ASA-201612-22",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201612-22"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-10",
                    "reference_id": "ASA-201701-10",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-10"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-11",
                    "reference_id": "ASA-201701-11",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-11"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-7",
                    "reference_id": "ASA-201701-7",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-7"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-8",
                    "reference_id": "ASA-201701-8",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-8"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-9",
                    "reference_id": "ASA-201701-9",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-9"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-112",
                    "reference_id": "AVG-112",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-112"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-113",
                    "reference_id": "AVG-113",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-113"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-114",
                    "reference_id": "AVG-114",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-114"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-115",
                    "reference_id": "AVG-115",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-115"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-116",
                    "reference_id": "AVG-116",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-116"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-117",
                    "reference_id": "AVG-117",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-117"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9586",
                    "reference_id": "CVE-2016-9586",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P"
                        },
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9586"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-47",
                    "reference_id": "GLSA-201701-47",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"
                        }
                    ],
                    "url": "https://security.gentoo.org/glsa/201701-47"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3441-1/",
                    "reference_id": "USN-3441-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3441-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3441-2/",
                    "reference_id": "USN-3441-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3441-2/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/374608?format=api",
                    "purl": "pkg:alpm/archlinux/libcurl-gnutls@7.52.1-1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-36n6-qanf-nue8"
                        },
                        {
                            "vulnerability": "VCID-q3hu-8uy5-e3a4"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-gnutls@7.52.1-1"
                }
            ],
            "aliases": [
                "CVE-2016-9586"
            ],
            "risk_score": 3.6,
            "exploitability": "0.5",
            "weighted_severity": "7.3",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fnj3-2du1-4bhx"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34708?format=api",
            "vulnerability_id": "VCID-hyqp-z8hb-fqbt",
            "summary": "Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9594",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77857",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77946",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77864",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77892",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77874",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77901",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77906",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77933",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77917",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77916",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77954",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.01088",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77953",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9594"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/"
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594"
                },
                {
                    "reference_url": "https://curl.haxx.se/docs/adv_20161223.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/"
                        }
                    ],
                    "url": "https://curl.haxx.se/docs/adv_20161223.html"
                },
                {
                    "reference_url": "https://curl.se/docs/CVE-2016-9594.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://curl.se/docs/CVE-2016-9594.html"
                },
                {
                    "reference_url": "https://www.tenable.com/security/tns-2017-04",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/"
                        }
                    ],
                    "url": "https://www.tenable.com/security/tns-2017-04"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/95094",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/"
                        }
                    ],
                    "url": "http://www.securityfocus.com/bid/95094"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id/1037528",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/"
                        }
                    ],
                    "url": "http://www.securitytracker.com/id/1037528"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408385",
                    "reference_id": "1408385",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408385"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201612-22",
                    "reference_id": "ASA-201612-22",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201612-22"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-10",
                    "reference_id": "ASA-201701-10",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-10"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-11",
                    "reference_id": "ASA-201701-11",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-11"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-7",
                    "reference_id": "ASA-201701-7",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-7"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-8",
                    "reference_id": "ASA-201701-8",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-8"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201701-9",
                    "reference_id": "ASA-201701-9",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201701-9"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-112",
                    "reference_id": "AVG-112",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-112"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-113",
                    "reference_id": "AVG-113",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-113"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-114",
                    "reference_id": "AVG-114",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-114"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-115",
                    "reference_id": "AVG-115",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-115"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-116",
                    "reference_id": "AVG-116",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-116"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-117",
                    "reference_id": "AVG-117",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-117"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594",
                    "reference_id": "CVE-2016-9594",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-47",
                    "reference_id": "GLSA-201701-47",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:12Z/"
                        }
                    ],
                    "url": "https://security.gentoo.org/glsa/201701-47"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/374608?format=api",
                    "purl": "pkg:alpm/archlinux/libcurl-gnutls@7.52.1-1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-36n6-qanf-nue8"
                        },
                        {
                            "vulnerability": "VCID-q3hu-8uy5-e3a4"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-gnutls@7.52.1-1"
                }
            ],
            "aliases": [
                "CVE-2016-9594"
            ],
            "risk_score": 3.6,
            "exploitability": "0.5",
            "weighted_severity": "7.3",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hyqp-z8hb-fqbt"
        }
    ],
    "risk_score": "3.4",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-gnutls@7.52.1-1"
}

Package Instance