Package Instance

reference_id

1037192

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

http://www.securityfocus.com/bid/94096

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388370
reference_id	1388370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388370

reference_url

reference_id

94096

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

http://www.securityfocus.com/bid/94096

reference_url

https://curl.haxx.se/docs/adv_20161102A.html

reference_id

adv_20161102A.html

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://curl.haxx.se/docs/adv_20161102A.html

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://curl.haxx.se/CVE-2016-8615.patch

reference_url

reference_id

CVE-2016-8615.patch

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://curl.haxx.se/CVE-2016-8615.patch

reference_url

reference_id

GLSA-201701-47

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_url

reference_id

r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_id

rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_url

reference_id

RHSA-2018:2486

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615

reference_url

reference_id

show_bug.cgi?id=CVE-2016-8615

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615

reference_url

reference_id

tns-2016-21

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-2x3m-p3eu-y7cn

vulnerability	VCID-3xnn-1yr9-4qdk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-fz2p-bn31-2yha

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8615

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-257w-bhnj-kugq

url VCID-46wr-p8c4-x7he

vulnerability_id VCID-46wr-p8c4-x7he

summary

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8618

reference_id

reference_type

scores

value	0.01811
scoring_system	epss
scoring_elements	0.83146
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8618

reference_url

https://curl.se/docs/CVE-2016-8618.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8618.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388378
reference_id	1388378
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388378

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0754

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2018:2486
reference_id	RHSA-2018:2486
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2486

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-2x3m-p3eu-y7cn

vulnerability	VCID-3xnn-1yr9-4qdk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-fz2p-bn31-2yha

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8618

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-46wr-p8c4-x7he

url VCID-958x-aqdm-27br

vulnerability_id VCID-958x-aqdm-27br

summary cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.

references

reference_url

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57741
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0754

reference_url

https://curl.se/docs/CVE-2016-0754.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-0754.html

fixed_packages

url pkg:generic/curl.se/curl@7.47.0

purl pkg:generic/curl.se/curl@7.47.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-2x3m-p3eu-y7cn

vulnerability	VCID-3m3q-mxu4-9uhh

vulnerability	VCID-3xnn-1yr9-4qdk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-6jpy-xpur-abc7

vulnerability	VCID-6pbt-tvzv-nqc5

vulnerability	VCID-72pz-4qf7-xfdb

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-8kzz-y6n1-97cv

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-f23g-nbn2-6bac

vulnerability	VCID-fbr5-4t5f-bkaz

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-m3hp-gvpn-4kea

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qxf1-m33c-3kbq

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-rxqn-hx8b-4ket

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uq2h-5uqp-rfbg

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vhq1-me6w-uqfm

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-xq5h-af6j-r3fa

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y1e8-qv34-juf8

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.47.0

aliases CVE-2016-0754

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-958x-aqdm-27br

url VCID-ahsw-5zua-jufq

vulnerability_id VCID-ahsw-5zua-jufq

summary security flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2000-0973.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2000-0973.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2000-0973

reference_id

reference_type

scores

value	0.12231
scoring_system	epss
scoring_elements	0.93962
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2000-0973

reference_url

https://curl.se/docs/CVE-2000-0973.html

reference_id

reference_type

scores

value	Critical
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2000-0973.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616532
reference_id	1616532
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616532

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/20292.pl
reference_id	CVE-2000-0973;OSVDB-1612
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/20292.pl

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20293.pl
reference_id	CVE-2000-0973;OSVDB-1612
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20293.pl

reference_url	https://www.securityfocus.com/bid/1804/info
reference_id	CVE-2000-0973;OSVDB-1612
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/1804/info

fixed_packages

url pkg:generic/curl.se/curl@7.4.1

purl pkg:generic/curl.se/curl@7.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-2v93-gqe1-xqd8

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-958x-aqdm-27br

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-b8jv-hnb7-eqfc

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-bx9n-tnec-xyd1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-g3rz-vtae-h3cw

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hg7c-ydk3-7ybq

vulnerability	VCID-jeet-9rt6-vygh

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-qc6p-1m1y-a3ar

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-xq5h-af6j-r3fa

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-za4f-bm16-j7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.4.1

aliases CVE-2000-0973

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ahsw-5zua-jufq

url VCID-b656-14j2-dbdn

vulnerability_id VCID-b656-14j2-dbdn

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8624

reference_id

reference_type

scores

value	0.01363
scoring_system	epss
scoring_elements	0.80482
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8624

reference_url

https://curl.se/docs/CVE-2016-8624.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8624.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

1037192

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

http://www.securityfocus.com/bid/94103

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388390
reference_id	1388390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388390

reference_url

reference_id

94103

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

http://www.securityfocus.com/bid/94103

reference_url

https://curl.haxx.se/docs/adv_20161102J.html

reference_id

adv_20161102J.html

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://curl.haxx.se/docs/adv_20161102J.html

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

GLSA-201701-47

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_url

reference_id

r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_id

rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E

reference_id

rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E

reference_url

reference_id

RHSA-2018:2486

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624

reference_url

reference_id

show_bug.cgi?id=CVE-2016-8624

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624

reference_url

reference_id

tns-2016-21

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3613

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-2x3m-p3eu-y7cn

vulnerability	VCID-3xnn-1yr9-4qdk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-fz2p-bn31-2yha

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8624

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b656-14j2-dbdn

url VCID-b8jv-hnb7-eqfc

vulnerability_id VCID-b8jv-hnb7-eqfc

summary curl: incorrect handling of IP addresses in cookie domain

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json

reference_url

reference_id

reference_type

scores

value	0.0182
scoring_system	epss
scoring_elements	0.83179
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3613

reference_url

https://curl.se/docs/CVE-2014-3613.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-3613.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1136154
reference_id	1136154
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1136154

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

reference_url	https://usn.ubuntu.com/2346-1/
reference_id	USN-2346-1
reference_type
scores
url	https://usn.ubuntu.com/2346-1/

fixed_packages

url pkg:generic/curl.se/curl@7.38.0

purl pkg:generic/curl.se/curl@7.38.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-3m3q-mxu4-9uhh

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-6jpy-xpur-abc7

vulnerability	VCID-6pbt-tvzv-nqc5

vulnerability	VCID-72pz-4qf7-xfdb

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8kzz-y6n1-97cv

vulnerability	VCID-958x-aqdm-27br

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-bzpr-8cw4-zkd6

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-dcuk-131b-pbgp

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-f23g-nbn2-6bac

vulnerability	VCID-fbr5-4t5f-bkaz

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-m3hp-gvpn-4kea

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-p9gw-tfvj-xfb7

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qc6p-1m1y-a3ar

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qrrf-z64u-zkck

vulnerability	VCID-qxf1-m33c-3kbq

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-rxqn-hx8b-4ket

vulnerability	VCID-snt9-bpy7-pqhd

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-t49y-2csd-q7c9

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uq2h-5uqp-rfbg

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vhq1-me6w-uqfm

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-xq5h-af6j-r3fa

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y1e8-qv34-juf8

vulnerability	VCID-yn3p-7hnq-13hv

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-za4f-bm16-j7ba

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.38.0

aliases CVE-2014-3613

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8jv-hnb7-eqfc

url VCID-bu5q-p482-kbd2

vulnerability_id VCID-bu5q-p482-kbd2

summary curl: HTTP authentication leak in redirects

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000007

reference_id

reference_type

scores

value	0.03854
scoring_system	epss
scoring_elements	0.88402
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000007

reference_url

https://curl.se/docs/CVE-2018-1000007.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000007.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537125
reference_id	1537125
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537125

reference_url	https://security.archlinux.org/ASA-201801-20
reference_id	ASA-201801-20
reference_type
scores
url	https://security.archlinux.org/ASA-201801-20

reference_url	https://security.archlinux.org/ASA-201801-22
reference_id	ASA-201801-22
reference_type
scores
url	https://security.archlinux.org/ASA-201801-22

reference_url	https://security.archlinux.org/ASA-201801-23
reference_id	ASA-201801-23
reference_type
scores
url	https://security.archlinux.org/ASA-201801-23

reference_url	https://security.archlinux.org/ASA-201801-24
reference_id	ASA-201801-24
reference_type
scores
url	https://security.archlinux.org/ASA-201801-24

reference_url	https://security.archlinux.org/ASA-201801-25
reference_id	ASA-201801-25
reference_type
scores
url	https://security.archlinux.org/ASA-201801-25

reference_url	https://security.archlinux.org/ASA-201801-26
reference_id	ASA-201801-26
reference_type
scores
url	https://security.archlinux.org/ASA-201801-26

reference_url

https://security.archlinux.org/AVG-593

reference_id

AVG-593

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-593

reference_url

https://security.archlinux.org/AVG-594

reference_id

AVG-594

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-594

reference_url

https://security.archlinux.org/AVG-595

reference_id

AVG-595

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-595

reference_url

https://security.archlinux.org/AVG-596

reference_id

AVG-596

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-596

reference_url

https://security.archlinux.org/AVG-597

reference_id

AVG-597

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-597

reference_url

https://security.archlinux.org/AVG-598

reference_id

AVG-598

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-598

reference_url	https://security.gentoo.org/glsa/201804-04
reference_id	GLSA-201804-04
reference_type
scores
url	https://security.gentoo.org/glsa/201804-04

reference_url	https://usn.ubuntu.com/3554-1/
reference_id	USN-3554-1
reference_type
scores
url	https://usn.ubuntu.com/3554-1/

reference_url	https://usn.ubuntu.com/3554-2/
reference_id	USN-3554-2
reference_type
scores
url	https://usn.ubuntu.com/3554-2/

fixed_packages

url pkg:generic/curl.se/curl@7.58.0

purl pkg:generic/curl.se/curl@7.58.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2x3m-p3eu-y7cn

vulnerability	VCID-3xnn-1yr9-4qdk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-dmkg-yeua-uffn

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nqds-umrs-37dd

vulnerability	VCID-ntp8-1uak-t7gp

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qteb-88n4-5ka7

vulnerability	VCID-r4re-xx26-2kgm

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v13d-ffaa-hyd9

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y7c7-w2ru-gbhm

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0

aliases CVE-2018-1000007

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bu5q-p482-kbd2

url VCID-bx9n-tnec-xyd1

vulnerability_id VCID-bx9n-tnec-xyd1

summary curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-1605

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59669
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-1605

reference_url

https://curl.se/docs/CVE-2003-1605.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2003-1605.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1605

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:generic/curl.se/curl@7.10.7

purl pkg:generic/curl.se/curl@7.10.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-2v93-gqe1-xqd8

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-6pbt-tvzv-nqc5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-958x-aqdm-27br

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-a9jr-hx2n-87ch

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-b8jv-hnb7-eqfc

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-f23g-nbn2-6bac

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-g3rz-vtae-h3cw

vulnerability	VCID-gme9-9d93-8bgk

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hg7c-ydk3-7ybq

vulnerability	VCID-jeet-9rt6-vygh

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-njfg-99cj-cfh4

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-p9gw-tfvj-xfb7

vulnerability	VCID-pgqj-25tn-akf3

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qc6p-1m1y-a3ar

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qrrf-z64u-zkck

vulnerability	VCID-qze3-vubf-67ej

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-vhq1-me6w-uqfm

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-x6jw-xxpk-eufb

vulnerability	VCID-x6pd-2arc-gqdq

vulnerability	VCID-xq5h-af6j-r3fa

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y1e8-qv34-juf8

vulnerability	VCID-y841-wa7x-gyd4

vulnerability	VCID-yn3p-7hnq-13hv

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-za4f-bm16-j7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.10.7

aliases CVE-2003-1605

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bx9n-tnec-xyd1

url VCID-fvrp-ctdg-kqah

vulnerability_id VCID-fvrp-ctdg-kqah

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9586

reference_id

reference_type

scores

value	0.01009
scoring_system	epss
scoring_elements	0.77381
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9586

reference_url

https://curl.se/docs/CVE-2016-9586.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-9586.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:N/C:N/I:N/A:P

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.securitytracker.com/id/1037515

reference_id

1037515

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

http://www.securitytracker.com/id/1037515

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1406712
reference_id	1406712
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1406712

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958
reference_id	848958
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958

reference_url

http://www.securityfocus.com/bid/95019

reference_id

95019

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

http://www.securityfocus.com/bid/95019

reference_url

https://curl.haxx.se/docs/adv_20161221A.html

reference_id

adv_20161221A.html

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

https://curl.haxx.se/docs/adv_20161221A.html

reference_url	https://security.archlinux.org/ASA-201612-22
reference_id	ASA-201612-22
reference_type
scores
url	https://security.archlinux.org/ASA-201612-22

reference_url	https://security.archlinux.org/ASA-201701-10
reference_id	ASA-201701-10
reference_type
scores
url	https://security.archlinux.org/ASA-201701-10

reference_url	https://security.archlinux.org/ASA-201701-11
reference_id	ASA-201701-11
reference_type
scores
url	https://security.archlinux.org/ASA-201701-11

reference_url	https://security.archlinux.org/ASA-201701-7
reference_id	ASA-201701-7
reference_type
scores
url	https://security.archlinux.org/ASA-201701-7

reference_url	https://security.archlinux.org/ASA-201701-8
reference_id	ASA-201701-8
reference_type
scores
url	https://security.archlinux.org/ASA-201701-8

reference_url	https://security.archlinux.org/ASA-201701-9
reference_id	ASA-201701-9
reference_type
scores
url	https://security.archlinux.org/ASA-201701-9

reference_url

https://security.archlinux.org/AVG-112

reference_id

AVG-112

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-112

reference_url

https://security.archlinux.org/AVG-113

reference_id

AVG-113

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-113

reference_url

https://security.archlinux.org/AVG-114

reference_id

AVG-114

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-114

reference_url

https://security.archlinux.org/AVG-115

reference_id

AVG-115

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-115

reference_url

https://security.archlinux.org/AVG-116

reference_id

AVG-116

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-116

reference_url

https://security.archlinux.org/AVG-117

reference_id

AVG-117

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-117

reference_url

https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16

reference_id

curl-7_51_0-162-g3ab3c16

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16

reference_url

reference_id

GLSA-201701-47

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html

reference_url

reference_id

msg00005.html

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html

reference_url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_id

r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_id

rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586

reference_id

show_bug.cgi?id=CVE-2016-9586

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586

reference_url	https://usn.ubuntu.com/3441-1/
reference_id	USN-3441-1
reference_type
scores
url	https://usn.ubuntu.com/3441-1/

reference_url	https://usn.ubuntu.com/3441-2/
reference_id	USN-3441-2
reference_type
scores
url	https://usn.ubuntu.com/3441-2/

fixed_packages

url pkg:generic/curl.se/curl@7.52.0

purl pkg:generic/curl.se/curl@7.52.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-1pa1-5qav-tfa9

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-2x3m-p3eu-y7cn

vulnerability	VCID-3xnn-1yr9-4qdk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-dmkg-yeua-uffn

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e2km-m1ta-6kes

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fz2p-bn31-2yha

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jtdd-1117-5qfz

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0

aliases CVE-2016-9586

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvrp-ctdg-kqah

url VCID-h6tz-3ztg-byhr

vulnerability_id VCID-h6tz-3ztg-byhr

summary curl: credential leak on redirect

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27774

reference_id

reference_type

scores

value	0.00314
scoring_system	epss
scoring_elements	0.54801
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27774

reference_url

https://curl.se/docs/CVE-2022-27774.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-27774.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1543773

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/

url

https://hackerone.com/reports/1543773

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254
reference_id	1010254
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2077547
reference_id	2077547
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2077547

reference_url

reference_id

AVG-2685

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

dsa-5197

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/

url

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/

url

https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

reference_url

reference_id

msg00028.html

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/

url

https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

reference_url

https://security.netapp.com/advisory/ntap-20220609-0008/

reference_id

ntap-20220609-0008

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/

url

https://security.netapp.com/advisory/ntap-20220609-0008/

reference_url	https://access.redhat.com/errata/RHSA-2022:5245
reference_id	RHSA-2022:5245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5245

reference_url	https://access.redhat.com/errata/RHSA-2022:5313
reference_id	RHSA-2022:5313
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5313

reference_url	https://usn.ubuntu.com/5397-1/
reference_id	USN-5397-1
reference_type
scores
url	https://usn.ubuntu.com/5397-1/

fixed_packages

url pkg:generic/curl.se/curl@7.83.0

purl pkg:generic/curl.se/curl@7.83.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-32gj-mvnb-rudh

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-4pzm-87dd-xqbs

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689c-z62z-ukc7

vulnerability	VCID-71rt-1h3a-jkcm

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e1rm-18vc-rkc2

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-frj4-zf2v-87g2

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-hsjj-6vfn-4ugt

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-ku14-1pmr-pbbd

vulnerability	VCID-kudb-x77h-1ud4

vulnerability	VCID-nhst-thye-guh2

vulnerability	VCID-nmwe-9bw8-2ud1

vulnerability	VCID-p2p1-bs19-53hd

vulnerability	VCID-p6hr-p4dr-cyh7

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qteb-88n4-5ka7

vulnerability	VCID-r1c8-6w99-kqgc

vulnerability	VCID-r4re-xx26-2kgm

vulnerability	VCID-sd8m-enmc-muhn

vulnerability	VCID-srgc-rxj3-6ydd

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-tx73-4h2v-uyb4

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-v13d-ffaa-hyd9

vulnerability	VCID-wj8v-8fnv-kqgj

vulnerability	VCID-y7c7-w2ru-gbhm

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0

aliases CVE-2022-27774

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6tz-3ztg-byhr

url VCID-hg7c-ydk3-7ybq

vulnerability_id VCID-hg7c-ydk3-7ybq

summary curl: Cookie domain suffix match vulnerability

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1944

reference_id

reference_type

scores

value	0.02482
scoring_system	epss
scoring_elements	0.85537
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1944

reference_url

https://curl.se/docs/CVE-2013-1944.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2013-1944.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274
reference_id	705274
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=950577
reference_id	950577
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=950577

reference_url	https://security.gentoo.org/glsa/201401-14
reference_id	GLSA-201401-14
reference_type
scores
url	https://security.gentoo.org/glsa/201401-14

reference_url	https://access.redhat.com/errata/RHSA-2013:0771
reference_id	RHSA-2013:0771
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0771

reference_url	https://usn.ubuntu.com/1801-1/
reference_id	USN-1801-1
reference_type
scores
url	https://usn.ubuntu.com/1801-1/

fixed_packages

url pkg:generic/curl.se/curl@7.30.0

purl pkg:generic/curl.se/curl@7.30.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-6jpy-xpur-abc7

vulnerability	VCID-6pbt-tvzv-nqc5

vulnerability	VCID-72pz-4qf7-xfdb

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8kzz-y6n1-97cv

vulnerability	VCID-958x-aqdm-27br

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a9jr-hx2n-87ch

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-b8jv-hnb7-eqfc

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-ddky-6vbe-nqc8

vulnerability	VCID-ddtt-b7y9-ubgn

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-f23g-nbn2-6bac

vulnerability	VCID-fbr5-4t5f-bkaz

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-gme9-9d93-8bgk

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hk4n-peps-yuck

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-m3hp-gvpn-4kea

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-njfg-99cj-cfh4

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-p9gw-tfvj-xfb7

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qc6p-1m1y-a3ar

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qrrf-z64u-zkck

vulnerability	VCID-qxf1-m33c-3kbq

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-rxqn-hx8b-4ket

vulnerability	VCID-snt9-bpy7-pqhd

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v3w9-aq2q-6kdd

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vhq1-me6w-uqfm

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-xq5h-af6j-r3fa

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y1e8-qv34-juf8

vulnerability	VCID-y841-wa7x-gyd4

vulnerability	VCID-yn3p-7hnq-13hv

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-za4f-bm16-j7ba

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.30.0

aliases CVE-2013-1944

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hg7c-ydk3-7ybq

url VCID-jeet-9rt6-vygh

vulnerability_id VCID-jeet-9rt6-vygh

summary curl: local file access via unsafe redirects

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0037

reference_id

reference_type

scores

value	0.09919
scoring_system	epss
scoring_elements	0.9314
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0037

reference_url

https://curl.se/docs/CVE-2009-0037.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2009-0037.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=485271
reference_id	485271
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=485271

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423
reference_id	518423
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt
reference_id	CVE-2009-0037;OSVDB-53572
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt

reference_url	https://www.securityfocus.com/bid/33962/info
reference_id	CVE-2009-0037;OSVDB-53572
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/33962/info

reference_url	https://security.gentoo.org/glsa/200903-21
reference_id	GLSA-200903-21
reference_type
scores
url	https://security.gentoo.org/glsa/200903-21

reference_url	https://access.redhat.com/errata/RHSA-2009:0341
reference_id	RHSA-2009:0341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0341

reference_url	https://usn.ubuntu.com/726-1/
reference_id	USN-726-1
reference_type
scores
url	https://usn.ubuntu.com/726-1/

fixed_packages

url pkg:generic/curl.se/curl@7.19.4

purl pkg:generic/curl.se/curl@7.19.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-6jpy-xpur-abc7

vulnerability	VCID-6pbt-tvzv-nqc5

vulnerability	VCID-72pz-4qf7-xfdb

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-958x-aqdm-27br

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a9jr-hx2n-87ch

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-b8jv-hnb7-eqfc

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-ddky-6vbe-nqc8

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-f23g-nbn2-6bac

vulnerability	VCID-fbr5-4t5f-bkaz

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-g3rz-vtae-h3cw

vulnerability	VCID-gme9-9d93-8bgk

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hg7c-ydk3-7ybq

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-njfg-99cj-cfh4

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-p9gw-tfvj-xfb7

vulnerability	VCID-pgqj-25tn-akf3

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qc6p-1m1y-a3ar

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qrrf-z64u-zkck

vulnerability	VCID-rxqn-hx8b-4ket

vulnerability	VCID-snt9-bpy7-pqhd

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-vhq1-me6w-uqfm

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-x6jw-xxpk-eufb

vulnerability	VCID-x6pd-2arc-gqdq

vulnerability	VCID-xq5h-af6j-r3fa

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y1e8-qv34-juf8

vulnerability	VCID-y841-wa7x-gyd4

vulnerability	VCID-yn3p-7hnq-13hv

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-za4f-bm16-j7ba

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.19.4

aliases CVE-2009-0037

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jeet-9rt6-vygh

url VCID-nuef-bv37-hfaz

vulnerability_id VCID-nuef-bv37-hfaz

summary curl: FTP PASV command response can cause curl to connect to arbitrary host

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8284

reference_id

reference_type

scores

value	0.00104
scoring_system	epss
scoring_elements	0.27993
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8284

reference_url

https://curl.se/docs/CVE-2020-8284.html

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Low
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://curl.se/docs/CVE-2020-8284.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1040166

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://hackerone.com/reports/1040166

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1902667
reference_id	1902667
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1902667

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163
reference_id	977163
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163

reference_url

https://security.archlinux.org/AVG-1337

reference_id

AVG-1337

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1337

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/

reference_id

DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/

reference_url

https://www.debian.org/security/2021/dsa-4881

reference_id

dsa-4881

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://www.debian.org/security/2021/dsa-4881

reference_url

https://security.gentoo.org/glsa/202012-14

reference_id

GLSA-202012-14

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://security.gentoo.org/glsa/202012-14

reference_url

https://support.apple.com/kb/HT212325

reference_id

HT212325

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://support.apple.com/kb/HT212325

reference_url

https://support.apple.com/kb/HT212326

reference_id

HT212326

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://support.apple.com/kb/HT212326

reference_url

https://support.apple.com/kb/HT212327

reference_id

HT212327

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://support.apple.com/kb/HT212327

reference_url

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html

reference_id

msg00029.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html

reference_url

https://security.netapp.com/advisory/ntap-20210122-0007/

reference_id

ntap-20210122-0007

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://security.netapp.com/advisory/ntap-20210122-0007/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/

reference_id

NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/

reference_url	https://access.redhat.com/errata/RHSA-2021:1610
reference_id	RHSA-2021:1610
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1610

reference_url	https://access.redhat.com/errata/RHSA-2021:2471
reference_id	RHSA-2021:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2471

reference_url	https://access.redhat.com/errata/RHSA-2021:2472
reference_id	RHSA-2021:2472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2472

reference_url	https://usn.ubuntu.com/4665-1/
reference_id	USN-4665-1
reference_type
scores
url	https://usn.ubuntu.com/4665-1/

reference_url	https://usn.ubuntu.com/4665-2/
reference_id	USN-4665-2
reference_type
scores
url	https://usn.ubuntu.com/4665-2/

fixed_packages

url pkg:generic/curl.se/curl@7.74.0

purl pkg:generic/curl.se/curl@7.74.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-32gj-mvnb-rudh

vulnerability	VCID-3dn4-6jtb-kqhk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-4pzm-87dd-xqbs

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-cgpy-5qpn-dkb8

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-f8uz-dv1e-kkab

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-ku14-1pmr-pbbd

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-p2p1-bs19-53hd

vulnerability	VCID-p6hr-p4dr-cyh7

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qteb-88n4-5ka7

vulnerability	VCID-r4re-xx26-2kgm

vulnerability	VCID-r9g6-71tv-byak

vulnerability	VCID-sd8m-enmc-muhn

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v13d-ffaa-hyd9

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y7c7-w2ru-gbhm

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0

aliases CVE-2020-8284

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nuef-bv37-hfaz

url VCID-qc6p-1m1y-a3ar

vulnerability_id VCID-qc6p-1m1y-a3ar

summary curl: URL request injection vulnerability in parseurlandfillconn()

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8150

reference_id

reference_type

scores

value	0.01225
scoring_system	epss
scoring_elements	0.79432
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8150

reference_url

https://curl.se/docs/CVE-2014-8150.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-8150.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1178692
reference_id	1178692
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1178692

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

reference_url	https://usn.ubuntu.com/2474-1/
reference_id	USN-2474-1
reference_type
scores
url	https://usn.ubuntu.com/2474-1/

fixed_packages

url pkg:generic/curl.se/curl@7.40.0

purl pkg:generic/curl.se/curl@7.40.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-3m3q-mxu4-9uhh

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-6jpy-xpur-abc7

vulnerability	VCID-6pbt-tvzv-nqc5

vulnerability	VCID-72pz-4qf7-xfdb

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8kzz-y6n1-97cv

vulnerability	VCID-958x-aqdm-27br

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-bzpr-8cw4-zkd6

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-dcuk-131b-pbgp

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-f23g-nbn2-6bac

vulnerability	VCID-fbr5-4t5f-bkaz

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-m3hp-gvpn-4kea

vulnerability	VCID-mw8z-vyq4-5kf3

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-p9gw-tfvj-xfb7

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qrrf-z64u-zkck

vulnerability	VCID-qxf1-m33c-3kbq

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-rxqn-hx8b-4ket

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uq2h-5uqp-rfbg

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vhq1-me6w-uqfm

vulnerability	VCID-vqf9-y6k7-f7bt

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-xq5h-af6j-r3fa

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y1e8-qv34-juf8

vulnerability	VCID-yn3p-7hnq-13hv

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-za4f-bm16-j7ba

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.40.0

aliases CVE-2014-8150

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qc6p-1m1y-a3ar

url VCID-uws8-s9se-nyay

vulnerability_id VCID-uws8-s9se-nyay

summary curl: auth/cookie leak on redirect

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27776

reference_id

reference_type

scores

value	0.00682
scoring_system	epss
scoring_elements	0.71949
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27776

reference_url

https://curl.se/docs/CVE-2022-27776.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-27776.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1547048

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://hackerone.com/reports/1547048

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252
reference_id	1010252
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2078408
reference_id	2078408
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2078408

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/

reference_id

7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/

reference_url

reference_id

AVG-2685

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/

reference_url

reference_id

DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/

reference_url

reference_id

dsa-5197

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_url

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_url

https://security.netapp.com/advisory/ntap-20220609-0008/

reference_id

ntap-20220609-0008

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://security.netapp.com/advisory/ntap-20220609-0008/

reference_url	https://access.redhat.com/errata/RHSA-2022:5245
reference_id	RHSA-2022:5245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5245

reference_url	https://access.redhat.com/errata/RHSA-2022:5313
reference_id	RHSA-2022:5313
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5313

reference_url	https://usn.ubuntu.com/5397-1/
reference_id	USN-5397-1
reference_type
scores
url	https://usn.ubuntu.com/5397-1/

fixed_packages

url pkg:generic/curl.se/curl@7.83.0

purl pkg:generic/curl.se/curl@7.83.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-32gj-mvnb-rudh

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-4pzm-87dd-xqbs

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689c-z62z-ukc7

vulnerability	VCID-71rt-1h3a-jkcm

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e1rm-18vc-rkc2

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-frj4-zf2v-87g2

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-hsjj-6vfn-4ugt

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-ku14-1pmr-pbbd

vulnerability	VCID-kudb-x77h-1ud4

vulnerability	VCID-nhst-thye-guh2

vulnerability	VCID-nmwe-9bw8-2ud1

vulnerability	VCID-p2p1-bs19-53hd

vulnerability	VCID-p6hr-p4dr-cyh7

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qteb-88n4-5ka7

vulnerability	VCID-r1c8-6w99-kqgc

vulnerability	VCID-r4re-xx26-2kgm

vulnerability	VCID-sd8m-enmc-muhn

vulnerability	VCID-srgc-rxj3-6ydd

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-tx73-4h2v-uyb4

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-v13d-ffaa-hyd9

vulnerability	VCID-wj8v-8fnv-kqgj

vulnerability	VCID-y7c7-w2ru-gbhm

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0

aliases CVE-2022-27776

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uws8-s9se-nyay

url VCID-xq5h-af6j-r3fa

vulnerability_id VCID-xq5h-af6j-r3fa

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5419

reference_id

reference_type

scores

value	0.01912
scoring_system	epss
scoring_elements	0.83601
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5419

reference_url

https://curl.se/docs/CVE-2016-5419.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-5419.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1362183
reference_id	1362183
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1362183

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2016:2575
reference_id	RHSA-2016:2575
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2575

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/3048-1/
reference_id	USN-3048-1
reference_type
scores
url	https://usn.ubuntu.com/3048-1/

fixed_packages

url pkg:generic/curl.se/curl@7.50.1

purl pkg:generic/curl.se/curl@7.50.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14cb-wnj7-13e2

vulnerability	VCID-257w-bhnj-kugq

vulnerability	VCID-2bvs-a5w1-gfhe

vulnerability	VCID-2nqm-34t9-eqcr

vulnerability	VCID-2x3m-p3eu-y7cn

vulnerability	VCID-3m3q-mxu4-9uhh

vulnerability	VCID-3xnn-1yr9-4qdk

vulnerability	VCID-4563-62mm-57aq

vulnerability	VCID-46wr-p8c4-x7he

vulnerability	VCID-4nqj-8xk6-a7ha

vulnerability	VCID-58v1-7e86-skcr

vulnerability	VCID-5hb5-9gh5-kyfs

vulnerability	VCID-689h-1jnp-yfbr

vulnerability	VCID-6jpy-xpur-abc7

vulnerability	VCID-6pbt-tvzv-nqc5

vulnerability	VCID-777y-dgxh-kba5

vulnerability	VCID-7wd8-zrdf-gkc6

vulnerability	VCID-84u3-ynnu-7kct

vulnerability	VCID-8f6k-xr87-uqfz

vulnerability	VCID-8k4c-jcmk-xkdc

vulnerability	VCID-8kzz-y6n1-97cv

vulnerability	VCID-97n5-5pa2-rqhz

vulnerability	VCID-9mnp-4p5a-ybcn

vulnerability	VCID-a2hy-wacd-37ht

vulnerability	VCID-ab48-azj9-p3hq

vulnerability	VCID-adkw-dnqu-6ffy

vulnerability	VCID-age7-hx9p-fya2

vulnerability	VCID-av4m-zmbd-1bdu

vulnerability	VCID-ay4r-g4gd-pbfh

vulnerability	VCID-b656-14j2-dbdn

vulnerability	VCID-bnr9-9qa9-vfab

vulnerability	VCID-bu5q-p482-kbd2

vulnerability	VCID-c7r3-5s6m-5ua1

vulnerability	VCID-cczp-jbr5-j3g1

vulnerability	VCID-d1pj-eqmw-9ya1

vulnerability	VCID-dvru-kxex-aqfa

vulnerability	VCID-e66v-z214-5kdt

vulnerability	VCID-e6s1-4q8v-yfdp

vulnerability	VCID-eh7z-2y2q-efbc

vulnerability	VCID-ehmp-5g2e-eqfk

vulnerability	VCID-ejxm-x6yh-duam

vulnerability	VCID-estk-jscu-67cg

vulnerability	VCID-f23g-nbn2-6bac

vulnerability	VCID-fbr5-4t5f-bkaz

vulnerability	VCID-fqsr-v5rs-4ygc

vulnerability	VCID-ftpd-hkjh-6udf

vulnerability	VCID-fvrp-ctdg-kqah

vulnerability	VCID-fz2p-bn31-2yha

vulnerability	VCID-guzm-25ur-qkgz

vulnerability	VCID-h4ad-94qh-ufhy

vulnerability	VCID-h6tz-3ztg-byhr

vulnerability	VCID-hpqq-n6y2-suf3

vulnerability	VCID-jj7m-un1g-8uan

vulnerability	VCID-jukq-4rsf-f7hb

vulnerability	VCID-k232-kks1-hygq

vulnerability	VCID-k93r-eqgb-fqgq

vulnerability	VCID-kmd7-ntaa-ffcv

vulnerability	VCID-n38z-qhum-ffgs

vulnerability	VCID-ngrp-9xg2-g7cw

vulnerability	VCID-nuef-bv37-hfaz

vulnerability	VCID-pru2-7vs6-ryf4

vulnerability	VCID-ptdk-wtvg-zkaw

vulnerability	VCID-qax6-9qcb-6yah

vulnerability	VCID-qj2x-z183-q7dk

vulnerability	VCID-qkp2-se93-mka8

vulnerability	VCID-qqyy-ejjy-zugp

vulnerability	VCID-qxf1-m33c-3kbq

vulnerability	VCID-rkdx-swyp-n7a2

vulnerability	VCID-rxqn-hx8b-4ket

vulnerability	VCID-ss8u-8s2v-dkf4

vulnerability	VCID-suuf-58uw-xucs

vulnerability	VCID-tcq7-bk2f-ekdh

vulnerability	VCID-tzhd-pvxj-gqfy

vulnerability	VCID-u1yn-scjj-qkc8

vulnerability	VCID-uws8-s9se-nyay

vulnerability	VCID-v54z-4tb3-qkh2

vulnerability	VCID-vs4f-hsgz-cyby

vulnerability	VCID-vs5f-8tuz-b7ev

vulnerability	VCID-vvsu-pcba-qfh6

vulnerability	VCID-xapd-mgwu-67b3

vulnerability	VCID-y1dj-ashm-ryha

vulnerability	VCID-y1e8-qv34-juf8

vulnerability	VCID-z46c-bshd-zuf1

vulnerability	VCID-z4n7-e83t-hucq

vulnerability	VCID-z7nt-pckd-pua8

vulnerability	VCID-zgz2-mscv-sqhu

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.1

aliases CVE-2016-5419

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xq5h-af6j-r3fa

url VCID-z4n7-e83t-hucq

vulnerability_id VCID-z4n7-e83t-hucq

summary curl: Incorrect handling of control code characters in cookies

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-35252

reference_id

reference_type

scores

value	0.00289
scoring_system	epss
scoring_elements	0.52523
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-35252

reference_url

https://curl.se/docs/CVE-2022-35252.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-35252.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1613943

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

https://hackerone.com/reports/1613943

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831
reference_id	1018831
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831

reference_url

http://seclists.org/fulldisclosure/2023/Jan/20

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

http://seclists.org/fulldisclosure/2023/Jan/20

reference_url

http://seclists.org/fulldisclosure/2023/Jan/21

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

http://seclists.org/fulldisclosure/2023/Jan/21

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2120718
reference_id	2120718
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2120718

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url