Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/391?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/391?format=api", "purl": "pkg:generic/curl.se/curl@7.60.0", "type": "generic", "namespace": "curl.se", "name": "curl", "version": "7.60.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8.20.0", "latest_non_vulnerable_version": "8.20.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/578?format=api", "vulnerability_id": "VCID-1eyc-44w4-67cb", "summary": "bad reuse of HTTP Negotiate connection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22165", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1965" }, { "reference_url": "https://curl.se/docs/CVE-2026-1965.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/" } ], "url": "https://curl.se/docs/CVE-2026-1965.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446448", "reference_id": "2446448", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446448" }, { "reference_url": "https://curl.se/docs/CVE-2026-1965.json", "reference_id": "CVE-2026-1965.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/" } ], "url": "https://curl.se/docs/CVE-2026-1965.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" }, { "reference_url": "https://usn.ubuntu.com/8099-1/", "reference_id": "USN-8099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/460?format=api", "purl": "pkg:generic/curl.se/curl@8.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0" } ], "aliases": [ "CVE-2026-1965" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1eyc-44w4-67cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/618?format=api", "vulnerability_id": "VCID-1g9p-du9r-hfdk", "summary": "SFTP path ~ resolving discrepancy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20092", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27534" }, { "reference_url": "https://curl.se/docs/CVE-2023-27534.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27534.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1892351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1892351" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069", "reference_id": "2179069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/431?format=api", "purl": "pkg:generic/curl.se/curl@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0" } ], "aliases": [ "CVE-2023-27534" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1g9p-du9r-hfdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/628?format=api", "vulnerability_id": "VCID-2fqs-x6nt-87ea", "summary": "POST following PUT confusion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01759", "scoring_system": "epss", "scoring_elements": "0.82922", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221" }, { "reference_url": "https://curl.se/docs/CVE-2022-32221.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32221.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1704017", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://hackerone.com/reports/1704017" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", "reference_id": "2135411", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/05/17/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5330", "reference_id": "dsa-5330", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230110-0006/", "reference_id": "ntap-20230110-0006", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230208-0002/", "reference_id": "ntap-20230208-0002", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0333", "reference_id": "RHSA-2023:0333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4139", "reference_id": "RHSA-2023:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4139" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" }, { "reference_url": "https://usn.ubuntu.com/5702-2/", "reference_id": "USN-5702-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-2/" }, { "reference_url": "https://usn.ubuntu.com/5823-1/", "reference_id": "USN-5823-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5823-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/427?format=api", "purl": "pkg:generic/curl.se/curl@7.86.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0" } ], "aliases": [ "CVE-2022-32221" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2fqs-x6nt-87ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/644?format=api", "vulnerability_id": "VCID-2r94-vq93-3kge", "summary": "STARTTLS protocol injection via MITM", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48832", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22947" }, { "reference_url": "https://curl.se/docs/CVE-2021-22947.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22947.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1334763", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://hackerone.com/reports/1334763" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Mar/29", "reference_id": "29", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", "reference_id": "APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213183", "reference_id": "HT213183", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://support.apple.com/kb/HT213183" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211029-0003/", "reference_id": "ntap-20211029-0003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", "reference_id": "RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" }, { "reference_url": "https://usn.ubuntu.com/5079-2/", "reference_id": "USN-5079-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/418?format=api", "purl": "pkg:generic/curl.se/curl@7.79.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0" } ], "aliases": [ "CVE-2021-22947" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2r94-vq93-3kge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/653?format=api", "vulnerability_id": "VCID-2wp5-xvyh-cyaa", "summary": "TELNET stack contents disclosure", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33336", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898" }, { "reference_url": "https://curl.se/docs/CVE-2021-22898.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://curl.se/docs/CVE-2021-22898.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1176461", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://hackerone.com/reports/1176461" }, { "reference_url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde", "reference_id": "39ce47f219b09c380b81f89fe54ac586c8db6bde", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/07/21/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/07/21/4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228", "reference_id": "989228", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228" }, { "reference_url": "https://security.archlinux.org/ASA-202106-4", "reference_id": "ASA-202106-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-4" }, { "reference_url": "https://security.archlinux.org/ASA-202106-5", "reference_id": "ASA-202106-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-5" }, { "reference_url": "https://security.archlinux.org/ASA-202106-6", "reference_id": "ASA-202106-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-6" }, { "reference_url": "https://security.archlinux.org/ASA-202106-7", "reference_id": "ASA-202106-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-7" }, { "reference_url": "https://security.archlinux.org/ASA-202106-8", "reference_id": "ASA-202106-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-8" }, { "reference_url": "https://security.archlinux.org/ASA-202106-9", "reference_id": "ASA-202106-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-9" }, { "reference_url": "https://security.archlinux.org/AVG-1995", "reference_id": "AVG-1995", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1995" }, { "reference_url": "https://security.archlinux.org/AVG-1996", "reference_id": "AVG-1996", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1996" }, { "reference_url": "https://security.archlinux.org/AVG-1997", "reference_id": "AVG-1997", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1997" }, { "reference_url": "https://security.archlinux.org/AVG-1998", "reference_id": "AVG-1998", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1998" }, { "reference_url": "https://security.archlinux.org/AVG-1999", "reference_id": "AVG-1999", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1999" }, { "reference_url": "https://security.archlinux.org/AVG-2000", "reference_id": "AVG-2000", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2000" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/", "reference_id": "POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/" }, { "reference_url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_id": "rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/416?format=api", "purl": "pkg:generic/curl.se/curl@7.77.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.77.0" } ], "aliases": [ "CVE-2021-22898" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2wp5-xvyh-cyaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/673?format=api", "vulnerability_id": "VCID-2xx7-bgje-xffr", "summary": "SASL password overflow via integer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57371", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16839" }, { "reference_url": "https://curl.se/docs/CVE-2018-16839.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16839.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1042012", "reference_id": "1042012", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "http://www.securitytracker.com/id/1042012" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201811-7", "reference_id": "ASA-201811-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-7" }, { "reference_url": "https://security.archlinux.org/ASA-201811-8", "reference_id": "ASA-201811-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-8" }, { "reference_url": "https://security.archlinux.org/ASA-201811-9", "reference_id": "ASA-201811-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-9" }, { "reference_url": "https://security.archlinux.org/AVG-796", "reference_id": "AVG-796", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-796" }, { "reference_url": "https://security.archlinux.org/AVG-797", "reference_id": "AVG-797", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-797" }, { "reference_url": "https://security.archlinux.org/AVG-798", "reference_id": "AVG-798", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-798" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16839.html", "reference_id": "CVE-2018-16839.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16839.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4331", "reference_id": "dsa-4331", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4331" }, { "reference_url": "https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5", "reference_id": "f3a24d7916b9173c69a3e0ee790102993833d6c5", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839", "reference_id": "show_bug.cgi?id=CVE-2018-16839", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "USN-3805-1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/" } ], "url": "https://usn.ubuntu.com/3805-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/394?format=api", "purl": "pkg:generic/curl.se/curl@7.62.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hqa5-x8gq-kbe8" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.62.0" } ], "aliases": [ "CVE-2018-16839" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2xx7-bgje-xffr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/668?format=api", "vulnerability_id": "VCID-333q-c9qf-vbae", "summary": "NTLM type-2 out-of-bounds buffer read", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01147", "scoring_system": "epss", "scoring_elements": "0.78775", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16890" }, { "reference_url": "https://curl.se/docs/CVE-2018-16890.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106947", "reference_id": "106947", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "http://www.securityfocus.com/bid/106947" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16890.html", "reference_id": "CVE-2018-16890.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16890.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K03314397?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://support.f5.com/csp/article/K03314397?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890", "reference_id": "show_bug.cgi?id=CVE-2018-16890", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "USN-3882-1", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/396?format=api", "purl": "pkg:generic/curl.se/curl@7.64.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hqa5-x8gq-kbe8" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0" } ], "aliases": [ "CVE-2018-16890" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-333q-c9qf-vbae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/597?format=api", "vulnerability_id": "VCID-36hy-wvfw-5bhn", "summary": "ASN.1 date parser overread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.74291", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7264" }, { "reference_url": "https://curl.se/docs/CVE-2024-7264.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://curl.se/docs/CVE-2024-7264.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2629968", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://hackerone.com/reports/2629968" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/31/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656", "reference_id": "1077656", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "reference_id": "2301888", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888" }, { "reference_url": "https://curl.se/docs/CVE-2024-7264.json", "reference_id": "CVE-2024-7264.json", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/" } ], "url": "https://curl.se/docs/CVE-2024-7264.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7726", "reference_id": "RHSA-2024:7726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://usn.ubuntu.com/6944-1/", "reference_id": "USN-6944-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6944-1/" }, { "reference_url": "https://usn.ubuntu.com/6944-2/", "reference_id": "USN-6944-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6944-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/446?format=api", "purl": "pkg:generic/curl.se/curl@8.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-56vu-mbrv-5fgr" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-k8ty-bq63-eff6" }, { "vulnerability": "VCID-kva7-rxe9-1ffb" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.9.1" } ], "aliases": [ "CVE-2024-7264" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36hy-wvfw-5bhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/579?format=api", "vulnerability_id": "VCID-39dz-7h6u-d7e6", "summary": "libssh key passphrase bypass without agent set", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2694", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15224" }, { "reference_url": "https://curl.se/docs/CVE-2025-15224.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/" } ], "url": "https://curl.se/docs/CVE-2025-15224.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3480925", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/" } ], "url": "https://hackerone.com/reports/3480925" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426410", "reference_id": "2426410", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426410" }, { "reference_url": "https://curl.se/docs/CVE-2025-15224.json", "reference_id": "CVE-2025-15224.json", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/" } ], "url": "https://curl.se/docs/CVE-2025-15224.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" }, { "reference_url": "https://usn.ubuntu.com/8062-2/", "reference_id": "USN-8062-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/459?format=api", "purl": "pkg:generic/curl.se/curl@8.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-a82z-h3hv-g7a7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0" } ], "aliases": [ "CVE-2025-15224" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-39dz-7h6u-d7e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/658?format=api", "vulnerability_id": "VCID-3ga8-md1g-qqgb", "summary": "FTP wildcard stack overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73286", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8285" }, { "reference_url": "https://curl.se/docs/CVE-2020-8285.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://curl.se/docs/CVE-2020-8285.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1045844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://hackerone.com/reports/1045844" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/51", "reference_id": "51", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "reference_url": "https://github.com/curl/curl/issues/6255", "reference_id": "6255", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://github.com/curl/curl/issues/6255" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162", "reference_id": "977162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285", "reference_id": "CVE-2020-8285", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" }, { "reference_url": "https://usn.ubuntu.com/4665-2/", "reference_id": "USN-4665-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/412?format=api", "purl": "pkg:generic/curl.se/curl@7.74.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0" } ], "aliases": [ "CVE-2020-8285" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ga8-md1g-qqgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/636?format=api", "vulnerability_id": "VCID-3shp-e3et-mqf3", "summary": "CERTINFO never-ending busy-loop", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23074", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27781" }, { "reference_url": "https://curl.se/docs/CVE-2022-27781.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27781.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1555441", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://hackerone.com/reports/1555441" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0009/", "reference_id": "ntap-20220609-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" }, { "reference_url": "https://usn.ubuntu.com/5499-1/", "reference_id": "USN-5499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/424?format=api", "purl": "pkg:generic/curl.se/curl@7.83.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1" } ], "aliases": [ "CVE-2022-27781" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3shp-e3et-mqf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/629?format=api", "vulnerability_id": "VCID-3vxw-r6zv-syhb", "summary": "control code in cookie denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52535", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252" }, { "reference_url": "https://curl.se/docs/CVE-2022-35252.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-35252.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1613943", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://hackerone.com/reports/1613943" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831", "reference_id": "1018831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/21" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213603", "reference_id": "HT213603", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213603" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220930-0005/", "reference_id": "ntap-20220930-0005", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220930-0005/" }, { "reference_url": "https://usn.ubuntu.com/5587-1/", "reference_id": "USN-5587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/426?format=api", "purl": "pkg:generic/curl.se/curl@7.85.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-72yf-89en-1fff" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0" } ], "aliases": [ "CVE-2022-35252" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3vxw-r6zv-syhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/630?format=api", "vulnerability_id": "VCID-42je-5dt6-qfcv", "summary": "FTP-KRB bad message verification", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36654", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32208" }, { "reference_url": "https://curl.se/docs/CVE-2022-32208.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32208.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1590071", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://hackerone.com/reports/1590071" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" }, { "reference_url": "https://usn.ubuntu.com/5499-1/", "reference_id": "USN-5499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425?format=api", "purl": "pkg:generic/curl.se/curl@7.84.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-72yf-89en-1fff" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0" } ], "aliases": [ "CVE-2022-32208" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-42je-5dt6-qfcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/635?format=api", "vulnerability_id": "VCID-43m2-zsez-1kdt", "summary": "TLS and SSH connection too eager reuse", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27782", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.64836", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27782" }, { "reference_url": "https://curl.se/docs/CVE-2022-27782.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27782.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1555796", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://hackerone.com/reports/1555796" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/03/20/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/03/20/6" }, { "reference_url": "https://security.archlinux.org/AVG-2706", "reference_id": "AVG-2706", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2706" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0009/", "reference_id": "ntap-20220609-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "reference_url": "https://usn.ubuntu.com/5412-1/", "reference_id": "USN-5412-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5412-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/424?format=api", "purl": "pkg:generic/curl.se/curl@7.83.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1" } ], "aliases": [ "CVE-2022-27782" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43m2-zsez-1kdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/664?format=api", "vulnerability_id": "VCID-4eqe-gybr-33fe", "summary": "TFTP small blocksize heap buffer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5482", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09715", "scoring_system": "epss", "scoring_elements": "0.93063", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5482" }, { "reference_url": "https://curl.se/docs/CVE-2019-5482.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5482.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/684603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/684603" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/36", "reference_id": "36", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://seclists.org/bugtraq/2020/Feb/36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/", "reference_id": "6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010", "reference_id": "940010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010" }, { "reference_url": "https://security.archlinux.org/AVG-1982", "reference_id": "AVG-1982", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1982" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-5482.html", "reference_id": "CVE-2019-5482.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-5482.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4633", "reference_id": "dsa-4633", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4633" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html", "reference_id": "msg00048.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html", "reference_id": "msg00055.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0003/", "reference_id": "ntap-20191004-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20191004-0003/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200416-0003/", "reference_id": "ntap-20200416-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200416-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/", "reference_id": "RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/", "reference_id": "UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/" }, { "reference_url": "https://usn.ubuntu.com/4129-1/", "reference_id": "USN-4129-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-1/" }, { "reference_url": "https://usn.ubuntu.com/4129-2/", "reference_id": "USN-4129-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/402?format=api", "purl": "pkg:generic/curl.se/curl@7.66.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0" } ], "aliases": [ "CVE-2019-5482" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4eqe-gybr-33fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/674?format=api", "vulnerability_id": "VCID-4fbt-z885-efdf", "summary": "NTLM password overflow via integer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65999", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14618" }, { "reference_url": "https://curl.se/docs/CVE-2018-14618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-14618.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1041605", "reference_id": "1041605", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "http://www.securitytracker.com/id/1041605" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327", "reference_id": "908327", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-14618.html", "reference_id": "CVE-2018-14618.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4286", "reference_id": "dsa-4286", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4286" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1880", "reference_id": "RHSA-2019:1880", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1880" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618", "reference_id": "show_bug.cgi?id=CVE-2018-14618", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014", "reference_id": "SNWLID-2018-0014", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" }, { "reference_url": "https://usn.ubuntu.com/3765-1/", "reference_id": "USN-3765-1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://usn.ubuntu.com/3765-1/" }, { "reference_url": "https://usn.ubuntu.com/3765-2/", "reference_id": "USN-3765-2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/" } ], "url": "https://usn.ubuntu.com/3765-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/393?format=api", "purl": "pkg:generic/curl.se/curl@7.61.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-n416-zh4z-rbdg" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.61.1" } ], "aliases": [ "CVE-2018-14618" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4fbt-z885-efdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/650?format=api", "vulnerability_id": "VCID-4k19-9t2q-tucv", "summary": "Metalink download sends credentials", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2101", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22923" }, { "reference_url": "https://curl.se/docs/CVE-2021-22923.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22923.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1213181", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://hackerone.com/reports/1213181" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417?format=api", "purl": "pkg:generic/curl.se/curl@7.78.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0" } ], "aliases": [ "CVE-2021-22923" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4k19-9t2q-tucv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/582?format=api", "vulnerability_id": "VCID-55ts-hggh-2fan", "summary": "bearer token leak on cross-protocol redirect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14524", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12607", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14524" }, { "reference_url": "https://curl.se/docs/CVE-2025-14524.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/" } ], "url": "https://curl.se/docs/CVE-2025-14524.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3459417", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/" } ], "url": "https://hackerone.com/reports/3459417" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426407", "reference_id": "2426407", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426407" }, { "reference_url": "https://curl.se/docs/CVE-2025-14524.json", "reference_id": "CVE-2025-14524.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/" } ], "url": "https://curl.se/docs/CVE-2025-14524.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/459?format=api", "purl": "pkg:generic/curl.se/curl@8.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-a82z-h3hv-g7a7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0" } ], "aliases": [ "CVE-2025-14524" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55ts-hggh-2fan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/670?format=api", "vulnerability_id": "VCID-66uq-dcdp-zfhd", "summary": "SMTP end-of-response out-of-bounds read", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01568", "scoring_system": "epss", "scoring_elements": "0.8183", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3823" }, { "reference_url": "https://curl.se/docs/CVE-2019-3823.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "106950", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3823.html", "reference_id": "CVE-2019-3823.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-3823.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823", "reference_id": "show_bug.cgi?id=CVE-2019-3823", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf", "reference_id": "ssa-936080.pdf", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "USN-3882-1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/396?format=api", "purl": "pkg:generic/curl.se/curl@7.64.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hqa5-x8gq-kbe8" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0" } ], "aliases": [ "CVE-2019-3823" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66uq-dcdp-zfhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/651?format=api", "vulnerability_id": "VCID-6dst-1qdv-3qc7", "summary": "Wrong content via Metalink not discarded", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22922" }, { "reference_url": "https://curl.se/docs/CVE-2021-22922.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22922.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1213175", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://hackerone.com/reports/1213175" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417?format=api", "purl": "pkg:generic/curl.se/curl@7.78.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0" } ], "aliases": [ "CVE-2021-22922" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6dst-1qdv-3qc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/660?format=api", "vulnerability_id": "VCID-6e8s-49d3-pfdk", "summary": "wrong connect-only connection", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36551", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8231" }, { "reference_url": "https://curl.se/docs/CVE-2020-8231.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2020-8231.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/948876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/948876" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831", "reference_id": "968831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231", "reference_id": "CVE-2020-8231", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://usn.ubuntu.com/4466-1/", "reference_id": "USN-4466-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4466-1/" }, { "reference_url": "https://usn.ubuntu.com/4466-2/", "reference_id": "USN-4466-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4466-2/" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/410?format=api", "purl": "pkg:generic/curl.se/curl@7.72.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.72.0" } ], "aliases": [ "CVE-2020-8231" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6e8s-49d3-pfdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/663?format=api", "vulnerability_id": "VCID-78kd-h5g9-4yga", "summary": "FTP-KRB double free", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03612", "scoring_system": "epss", "scoring_elements": "0.87986", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5481" }, { "reference_url": "https://curl.se/docs/CVE-2019-5481.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5481.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/686823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/686823" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/36", "reference_id": "36", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://seclists.org/bugtraq/2020/Feb/36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/", "reference_id": "6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940009", "reference_id": "940009", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940009" }, { "reference_url": "https://security.archlinux.org/AVG-1982", "reference_id": "AVG-1982", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1982" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-5481.html", "reference_id": "CVE-2019-5481.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-5481.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4633", "reference_id": "dsa-4633", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4633" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html", "reference_id": "msg00048.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html", "reference_id": "msg00055.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0003/", "reference_id": "ntap-20191004-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20191004-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/", "reference_id": "RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/", "reference_id": "UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:07:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/" }, { "reference_url": "https://usn.ubuntu.com/4129-1/", "reference_id": "USN-4129-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4129-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/402?format=api", "purl": "pkg:generic/curl.se/curl@7.66.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0" } ], "aliases": [ "CVE-2019-5481" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-78kd-h5g9-4yga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/607?format=api", "vulnerability_id": "VCID-7r3q-d9jh-vkec", "summary": "cookie injection with none file", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00441", "scoring_system": "epss", "scoring_elements": "0.63503", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38546" }, { "reference_url": "https://curl.se/docs/CVE-2023-38546.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://curl.se/docs/CVE-2023-38546.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2148242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/2148242" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241938", "reference_id": "2241938", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241938" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/34", "reference_id": "34", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/34" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/37" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jan/38", "reference_id": "38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jan/38" }, { "reference_url": "https://security.archlinux.org/AVG-2845", "reference_id": "AVG-2845", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2845" }, { "reference_url": "https://security.archlinux.org/AVG-2846", "reference_id": "AVG-2846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2846" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546", "reference_id": "CVE-2023-38546", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT214036", "reference_id": "HT214036", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214036" }, { "reference_url": "https://support.apple.com/kb/HT214057", "reference_id": "HT214057", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214057" }, { "reference_url": "https://support.apple.com/kb/HT214058", "reference_id": "HT214058", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214058" }, { "reference_url": "https://support.apple.com/kb/HT214063", "reference_id": "HT214063", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://support.apple.com/kb/HT214063" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/", "reference_id": "OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5700", "reference_id": "RHSA-2023:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5763", "reference_id": "RHSA-2023:5763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6292", "reference_id": "RHSA-2023:6292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6745", "reference_id": "RHSA-2023:6745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7540", "reference_id": "RHSA-2023:7540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2101", "reference_id": "RHSA-2024:2101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2101" }, { "reference_url": "https://usn.ubuntu.com/6429-1/", "reference_id": "USN-6429-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-1/" }, { "reference_url": "https://usn.ubuntu.com/6429-2/", "reference_id": "USN-6429-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-2/" }, { "reference_url": "https://usn.ubuntu.com/6429-3/", "reference_id": "USN-6429-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6429-3/" }, { "reference_url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868", "reference_id": "viewtopic.php?f=8&t=8868", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/" } ], "url": "https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/439?format=api", "purl": "pkg:generic/curl.se/curl@8.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0" } ], "aliases": [ "CVE-2023-38546" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7r3q-d9jh-vkec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/669?format=api", "vulnerability_id": "VCID-82au-sdj4-1bg8", "summary": "NTLMv2 type-3 header stack buffer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18518", "scoring_system": "epss", "scoring_elements": "0.95364", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3822" }, { "reference_url": "https://curl.se/docs/CVE-2019-3822.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/106950", "reference_id": "106950", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "http://www.securityfocus.com/bid/106950" }, { "reference_url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_id": "8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E" }, { "reference_url": "https://security.archlinux.org/ASA-201902-10", "reference_id": "ASA-201902-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-10" }, { "reference_url": "https://security.archlinux.org/ASA-201902-11", "reference_id": "ASA-201902-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-11" }, { "reference_url": "https://security.archlinux.org/ASA-201902-12", "reference_id": "ASA-201902-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-12" }, { "reference_url": "https://security.archlinux.org/ASA-201902-13", "reference_id": "ASA-201902-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-13" }, { "reference_url": "https://security.archlinux.org/ASA-201902-9", "reference_id": "ASA-201902-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-9" }, { "reference_url": "https://security.archlinux.org/AVG-873", "reference_id": "AVG-873", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-873" }, { "reference_url": "https://security.archlinux.org/AVG-874", "reference_id": "AVG-874", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-874" }, { "reference_url": "https://security.archlinux.org/AVG-875", "reference_id": "AVG-875", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-875" }, { "reference_url": "https://security.archlinux.org/AVG-876", "reference_id": "AVG-876", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-876" }, { "reference_url": "https://security.archlinux.org/AVG-877", "reference_id": "AVG-877", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-877" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-3822.html", "reference_id": "CVE-2019-3822.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-3822.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4386", "reference_id": "dsa-4386", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4386" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://support.f5.com/csp/article/K84141449", "reference_id": "K84141449", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://support.f5.com/csp/article/K84141449" }, { "reference_url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K84141449?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://support.f5.com/csp/article/K84141449?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190315-0001/", "reference_id": "ntap-20190315-0001", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0004/", "reference_id": "ntap-20190719-0004", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3701", "reference_id": "RHSA-2019:3701", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822", "reference_id": "show_bug.cgi?id=CVE-2019-3822", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", "reference_id": "ssa-436177.pdf", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" }, { "reference_url": "https://usn.ubuntu.com/3882-1/", "reference_id": "USN-3882-1", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/" } ], "url": "https://usn.ubuntu.com/3882-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/396?format=api", "purl": "pkg:generic/curl.se/curl@7.64.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hqa5-x8gq-kbe8" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0" } ], "aliases": [ "CVE-2019-3822" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82au-sdj4-1bg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/617?format=api", "vulnerability_id": "VCID-922k-xceg-nkft", "summary": "FTP too eager connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11227", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27535" }, { "reference_url": "https://curl.se/docs/CVE-2023-27535.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27535.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1892780", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://hackerone.com/reports/1892780" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179073", "reference_id": "2179073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179073" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535", "reference_id": "CVE-2023-27535", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2650", "reference_id": "RHSA-2023:2650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3106", "reference_id": "RHSA-2023:3106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/431?format=api", "purl": "pkg:generic/curl.se/curl@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0" } ], "aliases": [ "CVE-2023-27535" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-922k-xceg-nkft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/649?format=api", "vulnerability_id": "VCID-948z-df6d-3yb9", "summary": "Bad connection reuse due to flawed path name checks", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73372", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22924" }, { "reference_url": "https://curl.se/docs/CVE-2021-22924.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22924.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1223565", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://hackerone.com/reports/1223565" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492", "reference_id": "991492", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/ASA-202107-60", "reference_id": "ASA-202107-60", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-60" }, { "reference_url": "https://security.archlinux.org/ASA-202107-61", "reference_id": "ASA-202107-61", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-61" }, { "reference_url": "https://security.archlinux.org/ASA-202107-62", "reference_id": "ASA-202107-62", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-62" }, { "reference_url": "https://security.archlinux.org/ASA-202107-63", "reference_id": "ASA-202107-63", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-63" }, { "reference_url": "https://security.archlinux.org/ASA-202107-64", "reference_id": "ASA-202107-64", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-64" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://security.archlinux.org/AVG-2195", "reference_id": "AVG-2195", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2195" }, { "reference_url": "https://security.archlinux.org/AVG-2196", "reference_id": "AVG-2196", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2196" }, { "reference_url": "https://security.archlinux.org/AVG-2197", "reference_id": "AVG-2197", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2197" }, { "reference_url": "https://security.archlinux.org/AVG-2198", "reference_id": "AVG-2198", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2198" }, { "reference_url": "https://security.archlinux.org/AVG-2199", "reference_id": "AVG-2199", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2199" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924", "reference_id": "CVE-2021-22924", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "reference_id": "ssa-484086.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf", "reference_id": "ssa-732250.pdf", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417?format=api", "purl": "pkg:generic/curl.se/curl@7.78.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0" } ], "aliases": [ "CVE-2021-22924" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-948z-df6d-3yb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/573?format=api", "vulnerability_id": "VCID-9c2x-g9wr-dbdb", "summary": "wrong reuse of HTTP Negotiate connection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11289", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5545" }, { "reference_url": "https://curl.se/docs/CVE-2026-5545.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/" } ], "url": "https://curl.se/docs/CVE-2026-5545.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3642555", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/" } ], "url": "https://hackerone.com/reports/3642555" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461204", "reference_id": "2461204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461204" }, { "reference_url": "https://curl.se/docs/CVE-2026-5545.json", "reference_id": "CVE-2026-5545.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/" } ], "url": "https://curl.se/docs/CVE-2026-5545.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/461?format=api", "purl": "pkg:generic/curl.se/curl@8.20.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0" } ], "aliases": [ "CVE-2026-5545" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9c2x-g9wr-dbdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/647?format=api", "vulnerability_id": "VCID-ar1s-rbmm-wyex", "summary": "CURLOPT_SSLCERT mix-up with Secure Transport", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71369", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22926" }, { "reference_url": "https://curl.se/docs/CVE-2021-22926.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22926.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1234760", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://hackerone.com/reports/1234760" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211022-0003/", "reference_id": "ntap-20211022-0003", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211022-0003/" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_id": "r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_id": "rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:49:01Z/" } ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417?format=api", "purl": "pkg:generic/curl.se/curl@7.78.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0" } ], "aliases": [ "CVE-2021-22926" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ar1s-rbmm-wyex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/610?format=api", "vulnerability_id": "VCID-b788-g7hy-xqf9", "summary": "more POST-after-PUT confusion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70637", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322" }, { "reference_url": "https://curl.se/docs/CVE-2023-28322.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28322.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1954658", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://hackerone.com/reports/1954658" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793", "reference_id": "2196793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "reference_id": "F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4354", "reference_id": "RHSA-2023:4354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5598", "reference_id": "RHSA-2023:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0585", "reference_id": "RHSA-2024:0585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://usn.ubuntu.com/6237-1/", "reference_id": "USN-6237-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-1/" }, { "reference_url": "https://usn.ubuntu.com/6237-3/", "reference_id": "USN-6237-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "reference_id": "Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433?format=api", "purl": "pkg:generic/curl.se/curl@8.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0" } ], "aliases": [ "CVE-2023-28322" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b788-g7hy-xqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/596?format=api", "vulnerability_id": "VCID-bg42-sjja-2qa6", "summary": "OCSP stapling bypass with GnuTLS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68559", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8096" }, { "reference_url": "https://curl.se/docs/CVE-2024-8096.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://curl.se/docs/CVE-2024-8096.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2669852", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://hackerone.com/reports/2669852" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310519", "reference_id": "2310519", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310519" }, { "reference_url": "https://curl.se/docs/CVE-2024-8096.json", "reference_id": "CVE-2024-8096.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/" } ], "url": "https://curl.se/docs/CVE-2024-8096.json" }, { "reference_url": "https://usn.ubuntu.com/7012-1/", "reference_id": "USN-7012-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7012-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/447?format=api", "purl": "pkg:generic/curl.se/curl@8.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-56vu-mbrv-5fgr" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-k8ty-bq63-eff6" }, { "vulnerability": "VCID-kva7-rxe9-1ffb" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.10.0" } ], "aliases": [ "CVE-2024-8096" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bg42-sjja-2qa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/675?format=api", "vulnerability_id": "VCID-bnbs-6a5a-5yc2", "summary": "SMTP send heap buffer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01242", "scoring_system": "epss", "scoring_elements": "0.79582", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0500" }, { "reference_url": "https://curl.se/docs/CVE-2018-0500.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-0500.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546", "reference_id": "903546", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546" }, { "reference_url": "https://security.archlinux.org/ASA-201807-10", "reference_id": "ASA-201807-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-10" }, { "reference_url": "https://security.archlinux.org/ASA-201807-5", "reference_id": "ASA-201807-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-5" }, { "reference_url": "https://security.archlinux.org/ASA-201807-6", "reference_id": "ASA-201807-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-6" }, { "reference_url": "https://security.archlinux.org/ASA-201807-7", "reference_id": "ASA-201807-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-7" }, { "reference_url": "https://security.archlinux.org/ASA-201807-8", "reference_id": "ASA-201807-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-8" }, { "reference_url": "https://security.archlinux.org/ASA-201807-9", "reference_id": "ASA-201807-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-9" }, { "reference_url": "https://security.archlinux.org/AVG-729", "reference_id": "AVG-729", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-729" }, { "reference_url": "https://security.archlinux.org/AVG-730", "reference_id": "AVG-730", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-730" }, { "reference_url": "https://security.archlinux.org/AVG-731", "reference_id": "AVG-731", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-731" }, { "reference_url": "https://security.archlinux.org/AVG-732", "reference_id": "AVG-732", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-732" }, { "reference_url": "https://security.archlinux.org/AVG-733", "reference_id": "AVG-733", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-733" }, { "reference_url": "https://security.archlinux.org/AVG-734", "reference_id": "AVG-734", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-734" }, { "reference_url": "https://security.gentoo.org/glsa/201807-04", "reference_id": "GLSA-201807-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201807-04" }, { "reference_url": "https://usn.ubuntu.com/3710-1/", "reference_id": "USN-3710-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3710-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392?format=api", "purl": "pkg:generic/curl.se/curl@7.61.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-n416-zh4z-rbdg" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.61.0" } ], "aliases": [ "CVE-2018-0500" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnbs-6a5a-5yc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/606?format=api", "vulnerability_id": "VCID-bs39-uk1w-yfcx", "summary": "cookie mixed case PSL bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44535", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46218" }, { "reference_url": "https://curl.se/docs/CVE-2023-46218.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://curl.se/docs/CVE-2023-46218.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2212193", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://hackerone.com/reports/2212193" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646", "reference_id": "1057646", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030", "reference_id": "2252030", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/", "reference_id": "3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5587", "reference_id": "dsa-5587", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5587" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240125-0007/", "reference_id": "ntap-20240125-0007", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240125-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0434", "reference_id": "RHSA-2024:0434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0452", "reference_id": "RHSA-2024:0452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0585", "reference_id": "RHSA-2024:0585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1129", "reference_id": "RHSA-2024:1129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1316", "reference_id": "RHSA-2024:1316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2094", "reference_id": "RHSA-2024:2094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/", "reference_id": "UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/" }, { "reference_url": "https://usn.ubuntu.com/6535-1/", "reference_id": "USN-6535-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6535-1/" }, { "reference_url": "https://usn.ubuntu.com/6641-1/", "reference_id": "USN-6641-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6641-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/440?format=api", "purl": "pkg:generic/curl.se/curl@8.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-56vu-mbrv-5fgr" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-drgp-bhfz-gyeb" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-kbjt-sq58-1qfg" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.5.0" } ], "aliases": [ "CVE-2023-46218" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bs39-uk1w-yfcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/665?format=api", "vulnerability_id": "VCID-cbeq-zwed-2fg8", "summary": "Windows OpenSSL engine code injection", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00992", "scoring_system": "epss", "scoring_elements": "0.77201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5443" }, { "reference_url": "https://curl.se/docs/CVE-2019-5443.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5443.html" }, { "reference_url": "https://hackerone.com/reports/608577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/608577" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/402?format=api", "purl": "pkg:generic/curl.se/curl@7.66.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0" } ], "aliases": [ "CVE-2019-5443" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbeq-zwed-2fg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/611?format=api", "vulnerability_id": "VCID-evh5-vmmv-5uee", "summary": "IDN wildcard match", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53266", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28321" }, { "reference_url": "https://curl.se/docs/CVE-2023-28321.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28321.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1950627", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://hackerone.com/reports/1950627" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786", "reference_id": "2196786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "reference_id": "F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4354", "reference_id": "RHSA-2023:4354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4523", "reference_id": "RHSA-2023:4523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5598", "reference_id": "RHSA-2023:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6292", "reference_id": "RHSA-2023:6292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6292" }, { "reference_url": "https://usn.ubuntu.com/6237-1/", "reference_id": "USN-6237-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-1/" }, { "reference_url": "https://usn.ubuntu.com/6237-3/", "reference_id": "USN-6237-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "reference_id": "Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433?format=api", "purl": "pkg:generic/curl.se/curl@8.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0" } ], "aliases": [ "CVE-2023-28321" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-evh5-vmmv-5uee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/601?format=api", "vulnerability_id": "VCID-g95u-1q59-ckh7", "summary": "HTTP/2 push headers memory-leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02015", "scoring_system": "epss", "scoring_elements": "0.84026", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2398" }, { "reference_url": "https://curl.se/docs/CVE-2024-2398.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://curl.se/docs/CVE-2024-2398.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2402845", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://hackerone.com/reports/2402845" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498", "reference_id": "2270498", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/", "reference_id": "2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/27/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/27/3" }, { "reference_url": "https://curl.se/docs/CVE-2024-2398.json", "reference_id": "CVE-2024-2398.json", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://curl.se/docs/CVE-2024-2398.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-20", "reference_id": "GLSA-202409-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-20" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/", "reference_id": "GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/" }, { "reference_url": "https://support.apple.com/kb/HT214118", "reference_id": "HT214118", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214118" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://support.apple.com/kb/HT214120", "reference_id": "HT214120", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://support.apple.com/kb/HT214120" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240503-0009/", "reference_id": "ntap-20240503-0009", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240503-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3998", "reference_id": "RHSA-2024:3998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5529", "reference_id": "RHSA-2024:5529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5654", "reference_id": "RHSA-2024:5654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://usn.ubuntu.com/6718-1/", "reference_id": "USN-6718-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-1/" }, { "reference_url": "https://usn.ubuntu.com/6718-2/", "reference_id": "USN-6718-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-2/" }, { "reference_url": "https://usn.ubuntu.com/6718-3/", "reference_id": "USN-6718-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6718-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/442?format=api", "purl": "pkg:generic/curl.se/curl@8.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-56vu-mbrv-5fgr" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-eev8-7p7g-6qfm" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.0" } ], "aliases": [ "CVE-2024-2398" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g95u-1q59-ckh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/656?format=api", "vulnerability_id": "VCID-gnc8-1tfm-yqbd", "summary": "Automatic referer leaks credentials", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29924", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876" }, { "reference_url": "https://curl.se/docs/CVE-2021-22876.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1101882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://hackerone.com/reports/1101882" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/", "reference_id": "2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269", "reference_id": "986269", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269" }, { "reference_url": "https://security.archlinux.org/AVG-1753", "reference_id": "AVG-1753", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1753" }, { "reference_url": "https://security.archlinux.org/AVG-1754", "reference_id": "AVG-1754", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1754" }, { "reference_url": "https://security.archlinux.org/AVG-1755", "reference_id": "AVG-1755", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1755" }, { "reference_url": "https://security.archlinux.org/AVG-1756", "reference_id": "AVG-1756", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1756" }, { "reference_url": "https://security.archlinux.org/AVG-1757", "reference_id": "AVG-1757", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1757" }, { "reference_url": "https://security.archlinux.org/AVG-1758", "reference_id": "AVG-1758", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1758" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876", "reference_id": "CVE-2021-22876", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/", "reference_id": "ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/", "reference_id": "KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210521-0007/", "reference_id": "ntap-20210521-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "reference_url": "https://usn.ubuntu.com/4898-1/", "reference_id": "USN-4898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4898-1/" }, { "reference_url": "https://usn.ubuntu.com/4903-1/", "reference_id": "USN-4903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/414?format=api", "purl": "pkg:generic/curl.se/curl@7.76.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sgq9-uyy6-dbeb" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.76.0" } ], "aliases": [ "CVE-2021-22876" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnc8-1tfm-yqbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/574?format=api", "vulnerability_id": "VCID-guru-ff8a-wqgu", "summary": "connection reuse ignores TLS requirement", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02654", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4873" }, { "reference_url": "https://curl.se/docs/CVE-2026-4873.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/" } ], "url": "https://curl.se/docs/CVE-2026-4873.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3621851", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/" } ], "url": "https://hackerone.com/reports/3621851" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461200", "reference_id": "2461200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461200" }, { "reference_url": "https://curl.se/docs/CVE-2026-4873.json", "reference_id": "CVE-2026-4873.json", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/" } ], "url": "https://curl.se/docs/CVE-2026-4873.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/461?format=api", "purl": "pkg:generic/curl.se/curl@8.20.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0" } ], "aliases": [ "CVE-2026-4873" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-guru-ff8a-wqgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/583?format=api", "vulnerability_id": "VCID-h1e3-v4dt-ayav", "summary": "broken TLS options for threaded LDAPS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14017", "reference_id": "", "reference_type": "", "scores": [ { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.0021", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14017" }, { "reference_url": "https://curl.se/docs/CVE-2025-14017.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/" } ], "url": "https://curl.se/docs/CVE-2025-14017.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427870", "reference_id": "2427870", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427870" }, { "reference_url": "https://curl.se/docs/CVE-2025-14017.json", "reference_id": "CVE-2025-14017.json", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/" } ], "url": "https://curl.se/docs/CVE-2025-14017.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" }, { "reference_url": "https://usn.ubuntu.com/8062-2/", "reference_id": "USN-8062-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/459?format=api", "purl": "pkg:generic/curl.se/curl@8.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-a82z-h3hv-g7a7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0" } ], "aliases": [ "CVE-2025-14017" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h1e3-v4dt-ayav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/648?format=api", "vulnerability_id": "VCID-h9pa-n4v6-c7c6", "summary": "TELNET stack contents disclosure again", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46211", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925" }, { "reference_url": "https://curl.se/docs/CVE-2021-22925.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22925.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1223882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://hackerone.com/reports/1223882" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/39", "reference_id": "39", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/39" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/40", "reference_id": "40", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/40" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/ASA-202107-60", "reference_id": "ASA-202107-60", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-60" }, { "reference_url": "https://security.archlinux.org/ASA-202107-61", "reference_id": "ASA-202107-61", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-61" }, { "reference_url": "https://security.archlinux.org/ASA-202107-62", "reference_id": "ASA-202107-62", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-62" }, { "reference_url": "https://security.archlinux.org/ASA-202107-63", "reference_id": "ASA-202107-63", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-63" }, { "reference_url": "https://security.archlinux.org/ASA-202107-64", "reference_id": "ASA-202107-64", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-64" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://security.archlinux.org/AVG-2195", "reference_id": "AVG-2195", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2195" }, { "reference_url": "https://security.archlinux.org/AVG-2196", "reference_id": "AVG-2196", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2196" }, { "reference_url": "https://security.archlinux.org/AVG-2197", "reference_id": "AVG-2197", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2197" }, { "reference_url": "https://security.archlinux.org/AVG-2198", "reference_id": "AVG-2198", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2198" }, { "reference_url": "https://security.archlinux.org/AVG-2199", "reference_id": "AVG-2199", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2199" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT212804", "reference_id": "HT212804", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212804" }, { "reference_url": "https://support.apple.com/kb/HT212805", "reference_id": "HT212805", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212805" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "reference_id": "ssa-484086.pdf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417?format=api", "purl": "pkg:generic/curl.se/curl@7.78.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0" } ], "aliases": [ "CVE-2021-22925" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h9pa-n4v6-c7c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/577?format=api", "vulnerability_id": "VCID-hdnn-2m1x-hydf", "summary": "token leak with redirect and netrc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07298", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3783" }, { "reference_url": "https://curl.se/docs/CVE-2026-3783.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/" } ], "url": "https://curl.se/docs/CVE-2026-3783.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3583983", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/" } ], "url": "https://hackerone.com/reports/3583983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446450", "reference_id": "2446450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446450" }, { "reference_url": "https://curl.se/docs/CVE-2026-3783.json", "reference_id": "CVE-2026-3783.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/" } ], "url": "https://curl.se/docs/CVE-2026-3783.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" }, { "reference_url": "https://usn.ubuntu.com/8099-1/", "reference_id": "USN-8099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/460?format=api", "purl": "pkg:generic/curl.se/curl@8.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0" } ], "aliases": [ "CVE-2026-3783" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdnn-2m1x-hydf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/591?format=api", "vulnerability_id": "VCID-hfyp-6h1g-ykhk", "summary": "gzip integer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69773", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0725" }, { "reference_url": "https://curl.se/docs/CVE-2025-0725.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/" } ], "url": "https://curl.se/docs/CVE-2025-0725.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/2956023", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/" } ], "url": "https://hackerone.com/reports/2956023" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343899", "reference_id": "2343899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343899" }, { "reference_url": "https://curl.se/docs/CVE-2025-0725.json", "reference_id": "CVE-2025-0725.json", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/" } ], "url": "https://curl.se/docs/CVE-2025-0725.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/451?format=api", "purl": "pkg:generic/curl.se/curl@8.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56vu-mbrv-5fgr" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-k8ty-bq63-eff6" }, { "vulnerability": "VCID-kva7-rxe9-1ffb" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-vrcx-6hyq-a7dc" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0" } ], "aliases": [ "CVE-2025-0725" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hfyp-6h1g-ykhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/576?format=api", "vulnerability_id": "VCID-hjn9-ubdc-2qh9", "summary": "wrong proxy connection reuse with credentials", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06894", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3784" }, { "reference_url": "https://curl.se/docs/CVE-2026-3784.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://curl.se/docs/CVE-2026-3784.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3584903", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://hackerone.com/reports/3584903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446449", "reference_id": "2446449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446449" }, { "reference_url": "https://curl.se/docs/CVE-2026-3784.json", "reference_id": "CVE-2026-3784.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://curl.se/docs/CVE-2026-3784.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" }, { "reference_url": "https://usn.ubuntu.com/8099-1/", "reference_id": "USN-8099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/460?format=api", "purl": "pkg:generic/curl.se/curl@8.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0" } ], "aliases": [ "CVE-2026-3784" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hjn9-ubdc-2qh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/623?format=api", "vulnerability_id": "VCID-hxt8-j2wk-jqbu", "summary": "HTTP Proxy deny use after free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27966", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43552" }, { "reference_url": "https://curl.se/docs/CVE-2022-43552.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-43552.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1764858", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://hackerone.com/reports/1764858" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830", "reference_id": "1026830", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Mar/17", "reference_id": "17", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652", "reference_id": "2152652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213670", "reference_id": "HT213670", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://support.apple.com/kb/HT213670" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230214-0002/", "reference_id": "ntap-20230214-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230214-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2478", "reference_id": "RHSA-2023:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2963", "reference_id": "RHSA-2023:2963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7743", "reference_id": "RHSA-2023:7743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5788-1/", "reference_id": "USN-5788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5788-1/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/428?format=api", "purl": "pkg:generic/curl.se/curl@7.87.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0" } ], "aliases": [ "CVE-2022-43552" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hxt8-j2wk-jqbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/616?format=api", "vulnerability_id": "VCID-jrdn-k4c1-hkcs", "summary": "GSS delegation too eager connection reuse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01412", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27536" }, { "reference_url": "https://curl.se/docs/CVE-2023-27536.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27536.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1895135", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://hackerone.com/reports/1895135" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092", "reference_id": "2179092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536", "reference_id": "CVE-2023-27536", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4523", "reference_id": "RHSA-2023:4523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/431?format=api", "purl": "pkg:generic/curl.se/curl@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0" } ], "aliases": [ "CVE-2023-27536" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jrdn-k4c1-hkcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/632?format=api", "vulnerability_id": "VCID-k2cc-pe53-b3bd", "summary": "HTTP compression denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03367", "scoring_system": "epss", "scoring_elements": "0.87566", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32206" }, { "reference_url": "https://curl.se/docs/CVE-2022-32206.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32206.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1570651", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://hackerone.com/reports/1570651" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/28", "reference_id": "28", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/02/15/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Oct/41", "reference_id": "41", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "reference_url": "https://security.archlinux.org/AVG-2817", "reference_id": "AVG-2817", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2817" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/", "reference_id": "BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213488", "reference_id": "HT213488", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://support.apple.com/kb/HT213488" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0003/", "reference_id": "ntap-20220915-0003", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:52Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "reference_url": "https://usn.ubuntu.com/5495-1/", "reference_id": "USN-5495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5495-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425?format=api", "purl": "pkg:generic/curl.se/curl@7.84.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-72yf-89en-1fff" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0" } ], "aliases": [ "CVE-2022-32206" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k2cc-pe53-b3bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/661?format=api", "vulnerability_id": "VCID-mavm-1p7b-z3gt", "summary": "curl overwrite local file with -J", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05437", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8177" }, { "reference_url": "https://curl.se/docs/CVE-2020-8177.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/" } ], "url": "https://curl.se/docs/CVE-2020-8177.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/887462", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/" } ], "url": "https://hackerone.com/reports/887462" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281", "reference_id": "965281", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281" }, { "reference_url": "https://security.archlinux.org/AVG-1194", "reference_id": "AVG-1194", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1194" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202007-16", "reference_id": "GLSA-202007-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-16" }, { "reference_url": "https://usn.ubuntu.com/4402-1/", "reference_id": "USN-4402-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4402-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/408?format=api", "purl": "pkg:generic/curl.se/curl@7.71.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.71.0" } ], "aliases": [ "CVE-2020-8177" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mavm-1p7b-z3gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/672?format=api", "vulnerability_id": "VCID-n416-zh4z-rbdg", "summary": "use after free in handle close", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16840" }, { "reference_url": "https://curl.se/docs/CVE-2018-16840.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16840.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1042013", "reference_id": "1042013", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "http://www.securitytracker.com/id/1042013" }, { "reference_url": "https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f", "reference_id": "81d135d67155c5295b1033679c606165d4e28f3f", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f" }, { "reference_url": "https://security.archlinux.org/ASA-201811-4", "reference_id": "ASA-201811-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-4" }, { "reference_url": "https://security.archlinux.org/ASA-201811-5", "reference_id": "ASA-201811-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-5" }, { "reference_url": "https://security.archlinux.org/ASA-201811-6", "reference_id": "ASA-201811-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-6" }, { "reference_url": "https://security.archlinux.org/ASA-201811-7", "reference_id": "ASA-201811-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-7" }, { "reference_url": "https://security.archlinux.org/ASA-201811-8", "reference_id": "ASA-201811-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-8" }, { "reference_url": "https://security.archlinux.org/ASA-201811-9", "reference_id": "ASA-201811-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-9" }, { "reference_url": "https://security.archlinux.org/AVG-795", "reference_id": "AVG-795", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-795" }, { "reference_url": "https://security.archlinux.org/AVG-796", "reference_id": "AVG-796", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-796" }, { "reference_url": "https://security.archlinux.org/AVG-797", "reference_id": "AVG-797", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-797" }, { "reference_url": "https://security.archlinux.org/AVG-798", "reference_id": "AVG-798", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-798" }, { "reference_url": "https://security.archlinux.org/AVG-799", "reference_id": "AVG-799", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-799" }, { "reference_url": "https://security.archlinux.org/AVG-800", "reference_id": "AVG-800", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-800" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16840.html", "reference_id": "CVE-2018-16840.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16840.html" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840", "reference_id": "show_bug.cgi?id=CVE-2018-16840", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "USN-3805-1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:08:48Z/" } ], "url": "https://usn.ubuntu.com/3805-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/394?format=api", "purl": "pkg:generic/curl.se/curl@7.62.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hqa5-x8gq-kbe8" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.62.0" } ], "aliases": [ "CVE-2018-16840" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n416-zh4z-rbdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/614?format=api", "vulnerability_id": "VCID-ntea-fmp4-u3a5", "summary": "SSH connection too eager reuse still", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01706", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27538" }, { "reference_url": "https://curl.se/docs/CVE-2023-27538.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27538.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1898475", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://hackerone.com/reports/1898475" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179103", "reference_id": "2179103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179103" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538", "reference_id": "CVE-2023-27538", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0010/", "reference_id": "ntap-20230420-0010", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/431?format=api", "purl": "pkg:generic/curl.se/curl@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0" } ], "aliases": [ "CVE-2023-27538" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntea-fmp4-u3a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/619?format=api", "vulnerability_id": "VCID-pvdy-3kvz-tud2", "summary": "TELNET option IAC injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39187", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533" }, { "reference_url": "https://curl.se/docs/CVE-2023-27533.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27533.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1891474", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://hackerone.com/reports/1891474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062", "reference_id": "2179062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0011/", "reference_id": "ntap-20230420-0011", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/431?format=api", "purl": "pkg:generic/curl.se/curl@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0" } ], "aliases": [ "CVE-2023-27533" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvdy-3kvz-tud2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/645?format=api", "vulnerability_id": "VCID-pyb7-2c5k-47c4", "summary": "Protocol downgrade required TLS bypassed", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19732", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22946" }, { "reference_url": "https://curl.se/docs/CVE-2021-22946.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22946.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1334111", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://hackerone.com/reports/1334111" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589", "reference_id": "1017589", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Mar/29", "reference_id": "29", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", "reference_id": "APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "reference_url": "https://security.archlinux.org/AVG-2384", "reference_id": "AVG-2384", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2384" }, { "reference_url": "https://security.archlinux.org/AVG-2385", "reference_id": "AVG-2385", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2385" }, { "reference_url": "https://security.archlinux.org/AVG-2386", "reference_id": "AVG-2386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2386" }, { "reference_url": "https://security.archlinux.org/AVG-2387", "reference_id": "AVG-2387", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2387" }, { "reference_url": "https://security.archlinux.org/AVG-2388", "reference_id": "AVG-2388", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2388" }, { "reference_url": "https://security.archlinux.org/AVG-2389", "reference_id": "AVG-2389", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2389" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213183", "reference_id": "HT213183", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://support.apple.com/kb/HT213183" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211029-0003/", "reference_id": "ntap-20211029-0003", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0008/", "reference_id": "ntap-20220121-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0008/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", "reference_id": "RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "reference_url": "https://usn.ubuntu.com/5079-1/", "reference_id": "USN-5079-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-1/" }, { "reference_url": "https://usn.ubuntu.com/5079-2/", "reference_id": "USN-5079-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5079-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/418?format=api", "purl": "pkg:generic/curl.se/curl@7.79.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0" } ], "aliases": [ "CVE-2021-22946" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pyb7-2c5k-47c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/571?format=api", "vulnerability_id": "VCID-qb3k-dzzx-cyb2", "summary": "proxy credentials leak over redirect-to proxy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6253", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0903", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6253" }, { "reference_url": "https://curl.se/docs/CVE-2026-6253.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2026-6253.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3669637", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/" } ], "url": "https://hackerone.com/reports/3669637" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461202", "reference_id": "2461202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461202" }, { "reference_url": "https://curl.se/docs/CVE-2026-6253.json", "reference_id": "CVE-2026-6253.json", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/" } ], "url": "https://curl.se/docs/CVE-2026-6253.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/461?format=api", "purl": "pkg:generic/curl.se/curl@8.20.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0" } ], "aliases": [ "CVE-2026-6253" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qb3k-dzzx-cyb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/612?format=api", "vulnerability_id": "VCID-qbw7-ay83-rket", "summary": "siglongjmp race condition", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70937", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28320" }, { "reference_url": "https://curl.se/docs/CVE-2023-28320.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28320.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1929597", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://hackerone.com/reports/1929597" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196783", "reference_id": "2196783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196783" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433?format=api", "purl": "pkg:generic/curl.se/curl@8.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0" } ], "aliases": [ "CVE-2023-28320" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qbw7-ay83-rket" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/659?format=api", "vulnerability_id": "VCID-rmrr-cpq4-9yer", "summary": "trusting FTP PASV responses", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28001", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284" }, { "reference_url": "https://curl.se/docs/CVE-2020-8284.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1040166", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://hackerone.com/reports/1040166" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163", "reference_id": "977163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" }, { "reference_url": "https://usn.ubuntu.com/4665-2/", "reference_id": "USN-4665-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/412?format=api", "purl": "pkg:generic/curl.se/curl@7.74.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0" } ], "aliases": [ "CVE-2020-8284" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmrr-cpq4-9yer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/572?format=api", "vulnerability_id": "VCID-sz5z-1ktj-bkff", "summary": "wrong reuse of SMB connection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05486", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5773" }, { "reference_url": "https://curl.se/docs/CVE-2026-5773.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/" } ], "url": "https://curl.se/docs/CVE-2026-5773.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3650689", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/" } ], "url": "https://hackerone.com/reports/3650689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461201", "reference_id": "2461201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461201" }, { "reference_url": "https://curl.se/docs/CVE-2026-5773.json", "reference_id": "CVE-2026-5773.json", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/" } ], "url": "https://curl.se/docs/CVE-2026-5773.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/461?format=api", "purl": "pkg:generic/curl.se/curl@8.20.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0" } ], "aliases": [ "CVE-2026-5773" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sz5z-1ktj-bkff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/569?format=api", "vulnerability_id": "VCID-t1rn-wxx1-2qd3", "summary": "netrc credential leak with reused proxy connection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06208", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6429" }, { "reference_url": "https://curl.se/docs/CVE-2026-6429.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/" } ], "url": "https://curl.se/docs/CVE-2026-6429.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3677759", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/" } ], "url": "https://hackerone.com/reports/3677759" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461205", "reference_id": "2461205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461205" }, { "reference_url": "https://curl.se/docs/CVE-2026-6429.json", "reference_id": "CVE-2026-6429.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/" } ], "url": "https://curl.se/docs/CVE-2026-6429.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12916", "reference_id": "RHSA-2026:12916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12916" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/461?format=api", "purl": "pkg:generic/curl.se/curl@8.20.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0" } ], "aliases": [ "CVE-2026-6429" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t1rn-wxx1-2qd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/580?format=api", "vulnerability_id": "VCID-tbq2-5mpk-47gx", "summary": "libssh global known_hosts override", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1491", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15079" }, { "reference_url": "https://curl.se/docs/CVE-2025-15079.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-15079.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3477116", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/" } ], "url": "https://hackerone.com/reports/3477116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426409", "reference_id": "2426409", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426409" }, { "reference_url": "https://curl.se/docs/CVE-2025-15079.json", "reference_id": "CVE-2025-15079.json", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/" } ], "url": "https://curl.se/docs/CVE-2025-15079.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8062-1/", "reference_id": "USN-8062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-1/" }, { "reference_url": "https://usn.ubuntu.com/8062-2/", "reference_id": "USN-8062-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8062-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/459?format=api", "purl": "pkg:generic/curl.se/curl@8.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-a82z-h3hv-g7a7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0" } ], "aliases": [ "CVE-2025-15079" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbq2-5mpk-47gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/643?format=api", "vulnerability_id": "VCID-tzdv-3a3k-tyaa", "summary": "OAUTH2 bearer bypass in connection reuse", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57595", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22576" }, { "reference_url": "https://curl.se/docs/CVE-2022-22576.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-22576.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1526328", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://hackerone.com/reports/1526328" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295", "reference_id": "1010295", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/423?format=api", "purl": "pkg:generic/curl.se/curl@7.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dnn-arvb-nuek" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-q9sj-vhnr-a7ee" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-r27q-cvqa-wueu" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tfp8-2vsv-jfdk" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0" } ], "aliases": [ "CVE-2022-22576" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzdv-3a3k-tyaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/671?format=api", "vulnerability_id": "VCID-uv3d-52va-b7hr", "summary": "warning message out-of-buffer read", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36872", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16842" }, { "reference_url": "https://curl.se/docs/CVE-2018-16842.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-16842.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1042014", "reference_id": "1042014", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "http://www.securitytracker.com/id/1042014" }, { "reference_url": "https://security.archlinux.org/ASA-201811-4", "reference_id": "ASA-201811-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-4" }, { "reference_url": "https://security.archlinux.org/AVG-795", "reference_id": "AVG-795", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-795" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2018-16842.html", "reference_id": "CVE-2018-16842.html", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2018-16842.html" }, { "reference_url": "https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211", "reference_id": "d530e92f59ae9bb2d47066c3c460b25d2ffeb211", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4331", "reference_id": "dsa-4331", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4331" }, { "reference_url": "https://security.gentoo.org/glsa/201903-03", "reference_id": "GLSA-201903-03", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://security.gentoo.org/glsa/201903-03" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2181", "reference_id": "RHSA-2019:2181", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2181" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842", "reference_id": "show_bug.cgi?id=CVE-2018-16842", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842" }, { "reference_url": "https://usn.ubuntu.com/3805-1/", "reference_id": "USN-3805-1", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://usn.ubuntu.com/3805-1/" }, { "reference_url": "https://usn.ubuntu.com/3805-2/", "reference_id": "USN-3805-2", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/" } ], "url": "https://usn.ubuntu.com/3805-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/394?format=api", "purl": "pkg:generic/curl.se/curl@7.62.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hqa5-x8gq-kbe8" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.62.0" } ], "aliases": [ "CVE-2018-16842" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uv3d-52va-b7hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/666?format=api", "vulnerability_id": "VCID-v8t7-d4zr-3kb5", "summary": "TFTP receive buffer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15484", "scoring_system": "epss", "scoring_elements": "0.94777", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5436" }, { "reference_url": "https://curl.se/docs/CVE-2019-5436.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2019-5436.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/550696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/550696" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/36", "reference_id": "36", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://seclists.org/bugtraq/2020/Feb/36" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/11/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/11/6" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351", "reference_id": "929351", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351" }, { "reference_url": "https://security.archlinux.org/ASA-201905-11", "reference_id": "ASA-201905-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-11" }, { "reference_url": "https://security.archlinux.org/ASA-201905-12", "reference_id": "ASA-201905-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-12" }, { "reference_url": "https://security.archlinux.org/ASA-201905-13", "reference_id": "ASA-201905-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-13" }, { "reference_url": "https://security.archlinux.org/ASA-201905-14", "reference_id": "ASA-201905-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-14" }, { "reference_url": "https://security.archlinux.org/ASA-201905-15", "reference_id": "ASA-201905-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-15" }, { "reference_url": "https://security.archlinux.org/ASA-201905-16", "reference_id": "ASA-201905-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201905-16" }, { "reference_url": "https://security.archlinux.org/AVG-959", "reference_id": "AVG-959", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-959" }, { "reference_url": "https://security.archlinux.org/AVG-960", "reference_id": "AVG-960", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-960" }, { "reference_url": "https://security.archlinux.org/AVG-961", "reference_id": "AVG-961", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-961" }, { "reference_url": "https://security.archlinux.org/AVG-962", "reference_id": "AVG-962", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-962" }, { "reference_url": "https://security.archlinux.org/AVG-963", "reference_id": "AVG-963", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-963" }, { "reference_url": "https://security.archlinux.org/AVG-964", "reference_id": "AVG-964", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-964" }, { "reference_url": "https://curl.haxx.se/docs/CVE-2019-5436.html", "reference_id": "CVE-2019-5436.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://curl.haxx.se/docs/CVE-2019-5436.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4633", "reference_id": "dsa-4633", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4633" }, { "reference_url": "https://security.gentoo.org/glsa/202003-29", "reference_id": "GLSA-202003-29", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://security.gentoo.org/glsa/202003-29" }, { "reference_url": "https://support.f5.com/csp/article/K55133295", "reference_id": "K55133295", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://support.f5.com/csp/article/K55133295" }, { "reference_url": "https://support.f5.com/csp/article/K55133295?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K55133295?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://support.f5.com/csp/article/K55133295?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190606-0004/", "reference_id": "ntap-20190606-0004", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190606-0004/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/", "reference_id": "SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/" }, { "reference_url": "https://usn.ubuntu.com/3993-1/", "reference_id": "USN-3993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-1/" }, { "reference_url": "https://usn.ubuntu.com/3993-2/", "reference_id": "USN-3993-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3993-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/398?format=api", "purl": "pkg:generic/curl.se/curl@7.65.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19gj-257d-fqgw" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.65.0" } ], "aliases": [ "CVE-2019-5436" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v8t7-d4zr-3kb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/657?format=api", "vulnerability_id": "VCID-w1kv-8hj7-z7a8", "summary": "Inferior OCSP verification", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52318", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8286" }, { "reference_url": "https://curl.se/docs/CVE-2020-8286.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://curl.se/docs/CVE-2020-8286.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1048457", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://hackerone.com/reports/1048457" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/50", "reference_id": "50", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/50" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/51", "reference_id": "51", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Apr/54", "reference_id": "54", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Apr/54" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161", "reference_id": "977161", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286", "reference_id": "CVE-2020-8286", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf", "reference_id": "ssa-200951.pdf", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/412?format=api", "purl": "pkg:generic/curl.se/curl@7.74.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0" } ], "aliases": [ "CVE-2020-8286" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w1kv-8hj7-z7a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/567?format=api", "vulnerability_id": "VCID-wqeb-6u57-4bck", "summary": "cross-proxy Digest auth state leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23396", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7168" }, { "reference_url": "https://curl.se/docs/CVE-2026-7168.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2026-7168.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3697719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/3697719" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476979", "reference_id": "2476979", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19106", "reference_id": "RHSA-2026:19106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19106" }, { "reference_url": "https://usn.ubuntu.com/8227-1/", "reference_id": "USN-8227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/461?format=api", "purl": "pkg:generic/curl.se/curl@8.20.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0" } ], "aliases": [ "CVE-2026-7168" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqeb-6u57-4bck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/642?format=api", "vulnerability_id": "VCID-y79j-fe1u-eyc2", "summary": "Credential leak on redirect", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54815", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774" }, { "reference_url": "https://curl.se/docs/CVE-2022-27774.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27774.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1543773", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://hackerone.com/reports/1543773" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254", "reference_id": "1010254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/423?format=api", "purl": "pkg:generic/curl.se/curl@7.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dnn-arvb-nuek" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-q9sj-vhnr-a7ee" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-r27q-cvqa-wueu" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tfp8-2vsv-jfdk" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0" } ], "aliases": [ "CVE-2022-27774" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y79j-fe1u-eyc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/620?format=api", "vulnerability_id": "VCID-yphr-tywa-jyb2", "summary": "HTTP multi-header compression denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20724", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23916" }, { "reference_url": "https://curl.se/docs/CVE-2023-23916.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-23916.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1826048", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://hackerone.com/reports/1826048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371", "reference_id": "1031371", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815", "reference_id": "2167815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/", "reference_id": "BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5365", "reference_id": "dsa-5365", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5365" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html", "reference_id": "msg00035.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230309-0006/", "reference_id": "ntap-20230309-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1140", "reference_id": "RHSA-2023:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1701", "reference_id": "RHSA-2023:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1842", "reference_id": "RHSA-2023:1842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3460", "reference_id": "RHSA-2023:3460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4139", "reference_id": "RHSA-2023:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4139" }, { "reference_url": "https://usn.ubuntu.com/5891-1/", "reference_id": "USN-5891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/429?format=api", "purl": "pkg:generic/curl.se/curl@7.88.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u1f8-mmzh-tqb4" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0" } ], "aliases": [ "CVE-2023-23916" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yphr-tywa-jyb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/640?format=api", "vulnerability_id": "VCID-yq8t-vx5q-k3hp", "summary": "Auth/cookie leak on redirect", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71955", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776" }, { "reference_url": "https://curl.se/docs/CVE-2022-27776.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27776.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1547048", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://hackerone.com/reports/1547048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252", "reference_id": "1010252", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/", "reference_id": "7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/", "reference_id": "DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/423?format=api", "purl": "pkg:generic/curl.se/curl@7.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dnn-arvb-nuek" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-q9sj-vhnr-a7ee" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-r27q-cvqa-wueu" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tfp8-2vsv-jfdk" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0" } ], "aliases": [ "CVE-2022-27776" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yq8t-vx5q-k3hp" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/676?format=api", "vulnerability_id": "VCID-447t-29ej-aqee", "summary": "FTP shutdown response buffer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00926", "scoring_system": "epss", "scoring_elements": "0.7638", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000300" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000300.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000300.html" }, { "reference_url": "https://security.archlinux.org/ASA-201805-13", "reference_id": "ASA-201805-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-13" }, { "reference_url": "https://security.archlinux.org/ASA-201805-14", "reference_id": "ASA-201805-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-14" }, { "reference_url": "https://security.archlinux.org/ASA-201805-15", "reference_id": "ASA-201805-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-15" }, { "reference_url": "https://security.archlinux.org/ASA-201805-16", "reference_id": "ASA-201805-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-16" }, { "reference_url": "https://security.archlinux.org/ASA-201805-17", "reference_id": "ASA-201805-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-17" }, { "reference_url": "https://security.archlinux.org/ASA-201805-18", "reference_id": "ASA-201805-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-18" }, { "reference_url": "https://security.archlinux.org/AVG-694", "reference_id": "AVG-694", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-694" }, { "reference_url": "https://security.archlinux.org/AVG-695", "reference_id": "AVG-695", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-695" }, { "reference_url": "https://security.archlinux.org/AVG-696", "reference_id": "AVG-696", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-696" }, { "reference_url": "https://security.archlinux.org/AVG-697", "reference_id": "AVG-697", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-697" }, { "reference_url": "https://security.archlinux.org/AVG-698", "reference_id": "AVG-698", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-698" }, { "reference_url": "https://security.archlinux.org/AVG-699", "reference_id": "AVG-699", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-699" }, { "reference_url": "https://security.gentoo.org/glsa/201806-05", "reference_id": "GLSA-201806-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201806-05" }, { "reference_url": "https://usn.ubuntu.com/3648-1/", "reference_id": "USN-3648-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3648-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/391?format=api", "purl": "pkg:generic/curl.se/curl@7.60.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bnbs-6a5a-5yc2" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-n416-zh4z-rbdg" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.60.0" } ], "aliases": [ "CVE-2018-1000300" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-447t-29ej-aqee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/677?format=api", "vulnerability_id": "VCID-9tr9-xdae-gkhu", "summary": "RTSP bad headers buffer over-read", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02845", "scoring_system": "epss", "scoring_elements": "0.86469", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000301" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000301.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000301.html" }, { "reference_url": "http://www.securitytracker.com/id/1040931", "reference_id": "1040931", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "http://www.securitytracker.com/id/1040931" }, { "reference_url": "http://www.securityfocus.com/bid/104225", "reference_id": "104225", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "http://www.securityfocus.com/bid/104225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856", "reference_id": "898856", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856" }, { "reference_url": "https://curl.haxx.se/docs/adv_2018-b138.html", "reference_id": "adv_2018-b138.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://curl.haxx.se/docs/adv_2018-b138.html" }, { "reference_url": "https://security.archlinux.org/ASA-201805-13", "reference_id": "ASA-201805-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-13" }, { "reference_url": "https://security.archlinux.org/ASA-201805-14", "reference_id": "ASA-201805-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-14" }, { "reference_url": "https://security.archlinux.org/ASA-201805-15", "reference_id": "ASA-201805-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-15" }, { "reference_url": "https://security.archlinux.org/ASA-201805-16", "reference_id": "ASA-201805-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-16" }, { "reference_url": "https://security.archlinux.org/ASA-201805-17", "reference_id": "ASA-201805-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-17" }, { "reference_url": "https://security.archlinux.org/ASA-201805-18", "reference_id": "ASA-201805-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-18" }, { "reference_url": "https://security.archlinux.org/AVG-694", "reference_id": "AVG-694", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-694" }, { "reference_url": "https://security.archlinux.org/AVG-695", "reference_id": "AVG-695", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-695" }, { "reference_url": "https://security.archlinux.org/AVG-696", "reference_id": "AVG-696", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-696" }, { "reference_url": "https://security.archlinux.org/AVG-697", "reference_id": "AVG-697", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-697" }, { "reference_url": "https://security.archlinux.org/AVG-698", "reference_id": "AVG-698", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-698" }, { "reference_url": "https://security.archlinux.org/AVG-699", "reference_id": "AVG-699", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-699" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4202", "reference_id": "dsa-4202", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4202" }, { "reference_url": "https://security.gentoo.org/glsa/201806-05", "reference_id": "GLSA-201806-05", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://security.gentoo.org/glsa/201806-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html", "reference_id": "msg00010.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html" }, { "reference_url": "https://usn.ubuntu.com/3648-1/", "reference_id": "USN-3648-1", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/" } ], "url": "https://usn.ubuntu.com/3648-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/391?format=api", "purl": "pkg:generic/curl.se/curl@7.60.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bnbs-6a5a-5yc2" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-n416-zh4z-rbdg" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.60.0" } ], "aliases": [ "CVE-2018-1000301" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tr9-xdae-gkhu" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.60.0" }