Package Instance

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3707

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8620

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1y6d-7vfu-ybb3

url VCID-2u6v-6vm9-z3by

vulnerability_id VCID-2u6v-6vm9-z3by

summary The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json

reference_url

reference_id

reference_type

scores

value	0.00226
scoring_system	epss
scoring_elements	0.4539
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3707

reference_url

https://curl.se/docs/CVE-2014-3707.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-3707.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1154941
reference_id	1154941
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1154941

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2014-3707

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2u6v-6vm9-z3by

url VCID-3ws4-1sak-r3ck

vulnerability_id VCID-3ws4-1sak-r3ck

summary arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16890

reference_id

reference_type

scores

value	0.01204
scoring_system	epss
scoring_elements	0.79272
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16890

reference_url

https://curl.se/docs/CVE-2018-16890.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-16890.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1670252
reference_id	1670252
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1670252

reference_url	https://security.archlinux.org/ASA-201902-10
reference_id	ASA-201902-10
reference_type
scores
url	https://security.archlinux.org/ASA-201902-10

reference_url	https://security.archlinux.org/ASA-201902-11
reference_id	ASA-201902-11
reference_type
scores
url	https://security.archlinux.org/ASA-201902-11

reference_url	https://security.archlinux.org/ASA-201902-12
reference_id	ASA-201902-12
reference_type
scores
url	https://security.archlinux.org/ASA-201902-12

reference_url	https://security.archlinux.org/ASA-201902-13
reference_id	ASA-201902-13
reference_type
scores
url	https://security.archlinux.org/ASA-201902-13

reference_url	https://security.archlinux.org/ASA-201902-9
reference_id	ASA-201902-9
reference_type
scores
url	https://security.archlinux.org/ASA-201902-9

reference_url

reference_id

AVG-873

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-874

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-875

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-876

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-877

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json

reference_url	https://access.redhat.com/errata/RHSA-2019:3701
reference_id	RHSA-2019:3701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3701

fixed_packages

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2018-16890

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ws4-1sak-r3ck

url VCID-4hha-2z31-2bf8

vulnerability_id VCID-4hha-2z31-2bf8

summary arbitrary code execution

references

reference_url

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16839

reference_id

reference_type

scores

value	0.00346
scoring_system	epss
scoring_elements	0.57384
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16839

reference_url

https://curl.se/docs/CVE-2018-16839.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-16839.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1642201
reference_id	1642201
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1642201

reference_url	https://security.archlinux.org/ASA-201811-7
reference_id	ASA-201811-7
reference_type
scores
url	https://security.archlinux.org/ASA-201811-7

reference_url	https://security.archlinux.org/ASA-201811-8
reference_id	ASA-201811-8
reference_type
scores
url	https://security.archlinux.org/ASA-201811-8

reference_url	https://security.archlinux.org/ASA-201811-9
reference_id	ASA-201811-9
reference_type
scores
url	https://security.archlinux.org/ASA-201811-9

reference_url

reference_id

AVG-796

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-797

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-798

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json

reference_url	https://security.gentoo.org/glsa/201903-03
reference_id	GLSA-201903-03
reference_type
scores
url	https://security.gentoo.org/glsa/201903-03

fixed_packages

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2018-16839

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hha-2z31-2bf8

url VCID-51ac-1jc2-vfed

vulnerability_id VCID-51ac-1jc2-vfed

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8622

reference_id

reference_type

scores

value	0.0185
scoring_system	epss
scoring_elements	0.83349
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8622

reference_url

https://curl.se/docs/CVE-2016-8622.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8622.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388386
reference_id	1388386
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388386

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8622

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-51ac-1jc2-vfed

url VCID-5svr-3vv9-mqea

vulnerability_id VCID-5svr-3vv9-mqea

summary When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS.

references

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000100

reference_id

reference_type

scores

value	0.00618
scoring_system	epss
scoring_elements	0.70342
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000100

reference_url

https://curl.se/docs/CVE-2017-1000100.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-1000100.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1478310
reference_id	1478310
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1478310

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555
reference_id	871555
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555

reference_url	https://security.archlinux.org/ASA-201708-16
reference_id	ASA-201708-16
reference_type
scores
url	https://security.archlinux.org/ASA-201708-16

reference_url	https://security.archlinux.org/ASA-201710-3
reference_id	ASA-201710-3
reference_type
scores
url	https://security.archlinux.org/ASA-201710-3

reference_url	https://security.archlinux.org/ASA-201710-4
reference_id	ASA-201710-4
reference_type
scores
url	https://security.archlinux.org/ASA-201710-4

reference_url	https://security.archlinux.org/ASA-201710-5
reference_id	ASA-201710-5
reference_type
scores
url	https://security.archlinux.org/ASA-201710-5

reference_url	https://security.archlinux.org/ASA-201710-6
reference_id	ASA-201710-6
reference_type
scores
url	https://security.archlinux.org/ASA-201710-6

reference_url	https://security.archlinux.org/ASA-201710-7
reference_id	ASA-201710-7
reference_type
scores
url	https://security.archlinux.org/ASA-201710-7

reference_url

https://security.archlinux.org/AVG-370

reference_id

AVG-370

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-370

reference_url

https://security.archlinux.org/AVG-371

reference_id

AVG-371

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-371

reference_url

https://security.archlinux.org/AVG-386

reference_id

AVG-386

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-386

reference_url

https://security.archlinux.org/AVG-387

reference_id

AVG-387

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-387

reference_url

https://security.archlinux.org/AVG-388

reference_id

AVG-388

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-388

reference_url

https://security.archlinux.org/AVG-389

reference_id

AVG-389

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-389

reference_url	https://security.gentoo.org/glsa/201709-14
reference_id	GLSA-201709-14
reference_type
scores
url	https://security.gentoo.org/glsa/201709-14

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

aliases CVE-2017-1000100

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5svr-3vv9-mqea

url VCID-5xjw-u8ad-n3g5

vulnerability_id VCID-5xjw-u8ad-n3g5

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8615

reference_id

reference_type

scores

value	0.04293
scoring_system	epss
scoring_elements	0.89048
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8615

reference_url

https://curl.se/docs/CVE-2016-8615.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8615.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388370
reference_id	1388370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388370

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8615

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xjw-u8ad-n3g5

url VCID-6745-tyba-33fa

vulnerability_id VCID-6745-tyba-33fa

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000301

reference_id

reference_type

scores

value	0.02845
scoring_system	epss
scoring_elements	0.86486
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000301

reference_url

https://curl.se/docs/CVE-2018-1000301.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000301.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1575536
reference_id	1575536
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1575536

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856
reference_id	898856
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856

reference_url	https://security.archlinux.org/ASA-201805-13
reference_id	ASA-201805-13
reference_type
scores
url	https://security.archlinux.org/ASA-201805-13

reference_url	https://security.archlinux.org/ASA-201805-14
reference_id	ASA-201805-14
reference_type
scores
url	https://security.archlinux.org/ASA-201805-14

reference_url	https://security.archlinux.org/ASA-201805-15
reference_id	ASA-201805-15
reference_type
scores
url	https://security.archlinux.org/ASA-201805-15

reference_url	https://security.archlinux.org/ASA-201805-16
reference_id	ASA-201805-16
reference_type
scores
url	https://security.archlinux.org/ASA-201805-16

reference_url	https://security.archlinux.org/ASA-201805-17
reference_id	ASA-201805-17
reference_type
scores
url	https://security.archlinux.org/ASA-201805-17

reference_url	https://security.archlinux.org/ASA-201805-18
reference_id	ASA-201805-18
reference_type
scores
url	https://security.archlinux.org/ASA-201805-18

reference_url

reference_id

AVG-694

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-695

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-696

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-697

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-698

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-699

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json

reference_url	https://security.gentoo.org/glsa/201806-05
reference_id	GLSA-201806-05
reference_type
scores
url	https://security.gentoo.org/glsa/201806-05

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2018-1000301

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6745-tyba-33fa

url VCID-7jrx-ykk8-h3gp

vulnerability_id VCID-7jrx-ykk8-h3gp

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8817

reference_id

reference_type

scores

value	0.00735
scoring_system	epss
scoring_elements	0.73169
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8817

reference_url

https://curl.se/docs/CVE-2017-8817.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-8817.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515760
reference_id	1515760
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515760

reference_url	https://security.archlinux.org/ASA-201711-33
reference_id	ASA-201711-33
reference_type
scores
url	https://security.archlinux.org/ASA-201711-33

reference_url	https://security.archlinux.org/ASA-201711-34
reference_id	ASA-201711-34
reference_type
scores
url	https://security.archlinux.org/ASA-201711-34

reference_url	https://security.archlinux.org/ASA-201711-35
reference_id	ASA-201711-35
reference_type
scores
url	https://security.archlinux.org/ASA-201711-35

reference_url	https://security.archlinux.org/ASA-201711-36
reference_id	ASA-201711-36
reference_type
scores
url	https://security.archlinux.org/ASA-201711-36

reference_url	https://security.archlinux.org/ASA-201711-37
reference_id	ASA-201711-37
reference_type
scores
url	https://security.archlinux.org/ASA-201711-37

reference_url	https://security.archlinux.org/ASA-201711-38
reference_id	ASA-201711-38
reference_type
scores
url	https://security.archlinux.org/ASA-201711-38

reference_url

reference_id

AVG-521

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-522

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-523

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-524

reference_url

reference_id

AVG-524

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-524

reference_url

https://security.archlinux.org/AVG-525

reference_id

AVG-525

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-525

reference_url

https://security.archlinux.org/AVG-526

reference_id

AVG-526

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-526

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2017-8817

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jrx-ykk8-h3gp

url VCID-8j6v-xbhy-7uc2

vulnerability_id VCID-8j6v-xbhy-7uc2

summary cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3143

reference_id

reference_type

scores

value	0.04659
scoring_system	epss
scoring_elements	0.89499
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3143

reference_url

https://curl.se/docs/CVE-2015-3143.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2015-3143.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1213306
reference_id	1213306
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1213306

reference_url	https://security.gentoo.org/glsa/201509-02
reference_id	GLSA-201509-02
reference_type
scores
url	https://security.gentoo.org/glsa/201509-02

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2015-3143

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8j6v-xbhy-7uc2

url VCID-av4f-gxku-qbhp

vulnerability_id VCID-av4f-gxku-qbhp

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8624

reference_id

reference_type

scores

value	0.01363
scoring_system	epss
scoring_elements	0.80514
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8624

reference_url

https://curl.se/docs/CVE-2016-8624.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8624.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388390
reference_id	1388390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388390

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8624

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-av4f-gxku-qbhp

url VCID-bb6v-z8yg-6fe3

vulnerability_id VCID-bb6v-z8yg-6fe3

summary arbitrary code execution

references

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3823

reference_id

reference_type

scores

value	0.01568
scoring_system	epss
scoring_elements	0.81855
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3823

reference_url

https://curl.se/docs/CVE-2019-3823.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2019-3823.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1670256
reference_id	1670256
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1670256

reference_url	https://security.archlinux.org/ASA-201902-10
reference_id	ASA-201902-10
reference_type
scores
url	https://security.archlinux.org/ASA-201902-10

reference_url	https://security.archlinux.org/ASA-201902-11
reference_id	ASA-201902-11
reference_type
scores
url	https://security.archlinux.org/ASA-201902-11

reference_url	https://security.archlinux.org/ASA-201902-12
reference_id	ASA-201902-12
reference_type
scores
url	https://security.archlinux.org/ASA-201902-12

reference_url	https://security.archlinux.org/ASA-201902-13
reference_id	ASA-201902-13
reference_type
scores
url	https://security.archlinux.org/ASA-201902-13

reference_url	https://security.archlinux.org/ASA-201902-9
reference_id	ASA-201902-9
reference_type
scores
url	https://security.archlinux.org/ASA-201902-9

reference_url

reference_id

AVG-873

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-874

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-875

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-876

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-877

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6422

reference_url	https://security.gentoo.org/glsa/201903-03
reference_id	GLSA-201903-03
reference_type
scores
url	https://security.gentoo.org/glsa/201903-03

reference_url	https://access.redhat.com/errata/RHSA-2019:3701
reference_id	RHSA-2019:3701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3701

fixed_packages

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2019-3823

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bb6v-z8yg-6fe3

url VCID-cmcn-f8ws-q3h2

vulnerability_id VCID-cmcn-f8ws-q3h2

summary The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6422.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6422.json

reference_url

reference_id

reference_type

scores

value	0.00253
scoring_system	epss
scoring_elements	0.48857
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6422

reference_url

https://curl.se/docs/CVE-2013-6422.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2013-6422.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1037918
reference_id	1037918
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1037918

reference_url	https://security.gentoo.org/glsa/201401-14
reference_id	GLSA-201401-14
reference_type
scores
url	https://security.gentoo.org/glsa/201401-14

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2013-6422

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cmcn-f8ws-q3h2

url VCID-dj48-3dkt-dbdh

vulnerability_id VCID-dj48-3dkt-dbdh

summary arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8818.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8818.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8818

reference_id

reference_type

scores

value	0.00825
scoring_system	epss
scoring_elements	0.74821
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8818

reference_url

https://curl.se/docs/CVE-2017-8818.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-8818.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8818

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1517691
reference_id	1517691
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1517691

reference_url	https://security.archlinux.org/ASA-201711-36
reference_id	ASA-201711-36
reference_type
scores
url	https://security.archlinux.org/ASA-201711-36

reference_url	https://security.archlinux.org/ASA-201711-37
reference_id	ASA-201711-37
reference_type
scores
url	https://security.archlinux.org/ASA-201711-37

reference_url	https://security.archlinux.org/ASA-201711-38
reference_id	ASA-201711-38
reference_type
scores
url	https://security.archlinux.org/ASA-201711-38

reference_url

reference_id

AVG-521

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-522

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-523

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-527

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-528

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-529

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0015

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2017-8818

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dj48-3dkt-dbdh

url VCID-e4qf-7gqs-qyg3

vulnerability_id VCID-e4qf-7gqs-qyg3

summary cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0015.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0015.json

reference_url

reference_id

reference_type

scores

value	0.01266
scoring_system	epss
scoring_elements	0.79799
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0015

reference_url

https://curl.se/docs/CVE-2014-0015.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-0015.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1053903
reference_id	1053903
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1053903

reference_url	https://access.redhat.com/errata/RHSA-2014:0561
reference_id	RHSA-2014:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0561

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2014-0015

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e4qf-7gqs-qyg3

url VCID-f8vu-23bb-5ue7

vulnerability_id VCID-f8vu-23bb-5ue7

summary arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8816

reference_id

reference_type

scores

value	0.00454
scoring_system	epss
scoring_elements	0.64147
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8816

reference_url

https://curl.se/docs/CVE-2017-8816.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-8816.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515757
reference_id	1515757
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515757

reference_url	https://security.archlinux.org/ASA-201711-36
reference_id	ASA-201711-36
reference_type
scores
url	https://security.archlinux.org/ASA-201711-36

reference_url	https://security.archlinux.org/ASA-201711-37
reference_id	ASA-201711-37
reference_type
scores
url	https://security.archlinux.org/ASA-201711-37

reference_url	https://security.archlinux.org/ASA-201711-38
reference_id	ASA-201711-38
reference_type
scores
url	https://security.archlinux.org/ASA-201711-38

reference_url

reference_id

AVG-521

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-522

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-523

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-527

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-528

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-529

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8150

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2017-8816

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f8vu-23bb-5ue7

url VCID-f922-jx9w-mbc5

vulnerability_id VCID-f922-jx9w-mbc5

summary CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json

reference_url

reference_id

reference_type

scores

value	0.01225
scoring_system	epss
scoring_elements	0.79462
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8150

reference_url

https://curl.se/docs/CVE-2014-8150.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-8150.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1178692
reference_id	1178692
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1178692

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2014-8150

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f922-jx9w-mbc5

url VCID-fhc8-r8gv-bugj

vulnerability_id VCID-fhc8-r8gv-bugj

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22876

reference_id

reference_type

scores

value	0.00115
scoring_system	epss
scoring_elements	0.29799
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url	https://hackerone.com/reports/1101882
reference_id
reference_type
scores
url	https://hackerone.com/reports/1101882

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1941964
reference_id	1941964
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1941964

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269
reference_id	986269
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269

reference_url

reference_id

AVG-1753

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1754

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1755

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1756

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1757

reference_url

reference_id

AVG-1757

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1757

reference_url

https://security.archlinux.org/AVG-1758

reference_id

AVG-1758

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1758

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-22876
reference_id	CVE-2021-22876
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-22876

reference_url

https://curl.se/docs/CVE-2021-22876.html

reference_id

CVE-2021-22876.HTML

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22876.html

reference_url	https://access.redhat.com/errata/RHSA-2021:2471
reference_id	RHSA-2021:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2471

reference_url	https://access.redhat.com/errata/RHSA-2021:2472
reference_id	RHSA-2021:2472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2472

reference_url	https://access.redhat.com/errata/RHSA-2021:4511
reference_id	RHSA-2021:4511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4511

reference_url	https://access.redhat.com/errata/RHSA-2022:1354
reference_id	RHSA-2022:1354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1354

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2021-22876

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhc8-r8gv-bugj

url VCID-fp66-fzqt-6yg7

vulnerability_id VCID-fp66-fzqt-6yg7

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8169

reference_id

reference_type

scores

value	0.00083
scoring_system	epss
scoring_elements	0.24197
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8169

reference_url

https://curl.se/docs/CVE-2020-8169.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2020-8169.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url	https://hackerone.com/reports/874778
reference_id
reference_type
scores
url	https://hackerone.com/reports/874778

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1847916
reference_id	1847916
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1847916

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280
reference_id	965280
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280

reference_url

reference_id

AVG-1194

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json

reference_url	https://security.gentoo.org/glsa/202007-16
reference_id	GLSA-202007-16
reference_type
scores
url	https://security.gentoo.org/glsa/202007-16

reference_url	https://access.redhat.com/errata/RHSA-2021:2471
reference_id	RHSA-2021:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2471

reference_url	https://access.redhat.com/errata/RHSA-2021:2472
reference_id	RHSA-2021:2472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2472

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

url pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13

purl pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-85qb-zec7-subc

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-v82t-s9e1-2fbw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13

aliases CVE-2020-8169

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fp66-fzqt-6yg7

url VCID-h6xj-mys4-pucf

vulnerability_id VCID-h6xj-mys4-pucf

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8177

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05244
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8177

reference_url

https://curl.se/docs/CVE-2020-8177.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2020-8177.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url	https://hackerone.com/reports/887462
reference_id
reference_type
scores
url	https://hackerone.com/reports/887462

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1847915
reference_id	1847915
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1847915

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281
reference_id	965281
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281

reference_url

reference_id

AVG-1194

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2174

reference_url	https://security.gentoo.org/glsa/202007-16
reference_id	GLSA-202007-16
reference_type
scores
url	https://security.gentoo.org/glsa/202007-16

reference_url	https://access.redhat.com/errata/RHSA-2020:4599
reference_id	RHSA-2020:4599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4599

reference_url	https://access.redhat.com/errata/RHSA-2020:5002
reference_id	RHSA-2020:5002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5002

reference_url	https://access.redhat.com/errata/RHSA-2020:5417
reference_id	RHSA-2020:5417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5417

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

url pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13

purl pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-85qb-zec7-subc

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-v82t-s9e1-2fbw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13

aliases CVE-2020-8177

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6xj-mys4-pucf

url VCID-hhu3-dp3m-gbgm

vulnerability_id VCID-hhu3-dp3m-gbgm

summary Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json

reference_url

reference_id

reference_type

scores

value	0.03181
scoring_system	epss
scoring_elements	0.872
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2174

reference_url

https://curl.se/docs/CVE-2013-2174.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2013-2174.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=965640
reference_id	965640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=965640

reference_url	https://security.gentoo.org/glsa/201401-14
reference_id	GLSA-201401-14
reference_type
scores
url	https://security.gentoo.org/glsa/201401-14

reference_url	https://access.redhat.com/errata/RHSA-2013:0983
reference_id	RHSA-2013:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0983

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2013-2174

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhu3-dp3m-gbgm

url VCID-kae8-wmf2-2kf1

vulnerability_id VCID-kae8-wmf2-2kf1

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000300.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000300.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000300

reference_id

reference_type

scores

value	0.00926
scoring_system	epss
scoring_elements	0.76419
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000300

reference_url

https://curl.se/docs/CVE-2018-1000300.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000300.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1575533
reference_id	1575533
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1575533

reference_url	https://security.archlinux.org/ASA-201805-13
reference_id	ASA-201805-13
reference_type
scores
url	https://security.archlinux.org/ASA-201805-13

reference_url	https://security.archlinux.org/ASA-201805-14
reference_id	ASA-201805-14
reference_type
scores
url	https://security.archlinux.org/ASA-201805-14

reference_url	https://security.archlinux.org/ASA-201805-15
reference_id	ASA-201805-15
reference_type
scores
url	https://security.archlinux.org/ASA-201805-15

reference_url	https://security.archlinux.org/ASA-201805-16
reference_id	ASA-201805-16
reference_type
scores
url	https://security.archlinux.org/ASA-201805-16

reference_url	https://security.archlinux.org/ASA-201805-17
reference_id	ASA-201805-17
reference_type
scores
url	https://security.archlinux.org/ASA-201805-17

reference_url	https://security.archlinux.org/ASA-201805-18
reference_id	ASA-201805-18
reference_type
scores
url	https://security.archlinux.org/ASA-201805-18

reference_url

reference_id

AVG-694

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-695

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-696

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-697

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-698

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-699

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json

reference_url	https://security.gentoo.org/glsa/201806-05
reference_id	GLSA-201806-05
reference_type
scores
url	https://security.gentoo.org/glsa/201806-05

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2018-1000300

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kae8-wmf2-2kf1

url VCID-kn6z-caj8-bbc9

vulnerability_id VCID-kn6z-caj8-bbc9

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22890

reference_id

reference_type

scores

value	0.00069
scoring_system	epss
scoring_elements	0.21312
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22890

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url	https://hackerone.com/reports/1129529
reference_id
reference_type
scores
url	https://hackerone.com/reports/1129529

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1941965
reference_id	1941965
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1941965

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270
reference_id	986270
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270

reference_url

reference_id

AVG-1753

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1754

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1755

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1756

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://curl.se/docs/CVE-2021-22890.html

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-22890
reference_id	CVE-2021-22890
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-22890

reference_url

reference_id

CVE-2021-22890.HTML

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22890.html

reference_url	https://access.redhat.com/errata/RHSA-2021:2471
reference_id	RHSA-2021:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2471

reference_url	https://access.redhat.com/errata/RHSA-2021:2472
reference_id	RHSA-2021:2472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2472

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2021-22890

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kn6z-caj8-bbc9

url VCID-nkmd-xb13-mbg9

vulnerability_id VCID-nkmd-xb13-mbg9

summary cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4545.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4545.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4545

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.58306
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4545

reference_url

https://curl.se/docs/CVE-2013-4545.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2013-4545.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1029159
reference_id	1029159
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1029159

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2013-4545

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nkmd-xb13-mbg9

url VCID-p7mn-a632-c3ag

vulnerability_id VCID-p7mn-a632-c3ag

summary arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0500.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0500.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-0500

reference_id

reference_type

scores

value	0.01242
scoring_system	epss
scoring_elements	0.796
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0500

reference_url

https://curl.se/docs/CVE-2018-0500.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-0500.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1597101
reference_id	1597101
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1597101

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546
reference_id	903546
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903546

reference_url	https://security.archlinux.org/ASA-201807-10
reference_id	ASA-201807-10
reference_type
scores
url	https://security.archlinux.org/ASA-201807-10

reference_url	https://security.archlinux.org/ASA-201807-5
reference_id	ASA-201807-5
reference_type
scores
url	https://security.archlinux.org/ASA-201807-5

reference_url	https://security.archlinux.org/ASA-201807-6
reference_id	ASA-201807-6
reference_type
scores
url	https://security.archlinux.org/ASA-201807-6

reference_url	https://security.archlinux.org/ASA-201807-7
reference_id	ASA-201807-7
reference_type
scores
url	https://security.archlinux.org/ASA-201807-7

reference_url	https://security.archlinux.org/ASA-201807-8
reference_id	ASA-201807-8
reference_type
scores
url	https://security.archlinux.org/ASA-201807-8

reference_url	https://security.archlinux.org/ASA-201807-9
reference_id	ASA-201807-9
reference_type
scores
url	https://security.archlinux.org/ASA-201807-9

reference_url

https://security.archlinux.org/AVG-729

reference_id

AVG-729

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-729

reference_url

https://security.archlinux.org/AVG-730

reference_id

AVG-730

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-730

reference_url

https://security.archlinux.org/AVG-731

reference_id

AVG-731

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-731

reference_url

https://security.archlinux.org/AVG-732

reference_id

AVG-732

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-732

reference_url

https://security.archlinux.org/AVG-733

reference_id

AVG-733

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-733

reference_url

https://security.archlinux.org/AVG-734

reference_id

AVG-734

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-734

reference_url	https://security.gentoo.org/glsa/201807-04
reference_id	GLSA-201807-04
reference_type
scores
url	https://security.gentoo.org/glsa/201807-04

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2018-0500

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7mn-a632-c3ag

url VCID-p9v4-nweu-vydg

vulnerability_id VCID-p9v4-nweu-vydg

summary cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3148

reference_id

reference_type

scores

value	0.01422
scoring_system	epss
scoring_elements	0.80941
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3148

reference_url

https://curl.se/docs/CVE-2015-3148.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2015-3148.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1213351
reference_id	1213351
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1213351

reference_url	https://security.gentoo.org/glsa/201509-02
reference_id	GLSA-201509-02
reference_type
scores
url	https://security.gentoo.org/glsa/201509-02

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

aliases CVE-2015-3148

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9v4-nweu-vydg

url VCID-q8ja-keyk-fyfb

vulnerability_id VCID-q8ja-keyk-fyfb

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8625

reference_id

reference_type

scores

value	0.01671
scoring_system	epss
scoring_elements	0.82463
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8625

reference_url

https://curl.se/docs/CVE-2016-8625.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8625.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388392
reference_id	1388392
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388392

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0138

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8625

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8ja-keyk-fyfb

url VCID-q9ht-ra39-kuef

vulnerability_id VCID-q9ht-ra39-kuef

summary The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0138.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0138.json

reference_url

reference_id

reference_type

scores

value	0.00903
scoring_system	epss
scoring_elements	0.76091
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0138

reference_url

https://curl.se/docs/CVE-2014-0138.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-0138.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1079148
reference_id	1079148
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1079148

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728
reference_id	742728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728

reference_url	https://security.gentoo.org/glsa/201406-21
reference_id	GLSA-201406-21
reference_type
scores
url	https://security.gentoo.org/glsa/201406-21

reference_url	https://access.redhat.com/errata/RHSA-2014:0561
reference_id	RHSA-2014:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0561

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2014-0138

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q9ht-ra39-kuef

url VCID-qe9z-wuze-tucq

vulnerability_id VCID-qe9z-wuze-tucq

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8616

reference_id

reference_type

scores

value	0.04507
scoring_system	epss
scoring_elements	0.89324
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8616

reference_url

https://curl.se/docs/CVE-2016-8616.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8616.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388371
reference_id	1388371
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388371

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8616

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qe9z-wuze-tucq

url VCID-qrnc-7ywu-37cz

vulnerability_id VCID-qrnc-7ywu-37cz

summary arbitrary code execution

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3822

reference_id

reference_type

scores

value	0.18518
scoring_system	epss
scoring_elements	0.95371
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3822

reference_url

https://curl.se/docs/CVE-2019-3822.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2019-3822.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1670254
reference_id	1670254
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1670254

reference_url	https://security.archlinux.org/ASA-201902-10
reference_id	ASA-201902-10
reference_type
scores
url	https://security.archlinux.org/ASA-201902-10

reference_url	https://security.archlinux.org/ASA-201902-11
reference_id	ASA-201902-11
reference_type
scores
url	https://security.archlinux.org/ASA-201902-11

reference_url	https://security.archlinux.org/ASA-201902-12
reference_id	ASA-201902-12
reference_type
scores
url	https://security.archlinux.org/ASA-201902-12

reference_url	https://security.archlinux.org/ASA-201902-13
reference_id	ASA-201902-13
reference_type
scores
url	https://security.archlinux.org/ASA-201902-13

reference_url	https://security.archlinux.org/ASA-201902-9
reference_id	ASA-201902-9
reference_type
scores
url	https://security.archlinux.org/ASA-201902-9

reference_url

reference_id

AVG-873

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-874

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-875

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-876

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-877

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json

reference_url	https://security.gentoo.org/glsa/201903-03
reference_id	GLSA-201903-03
reference_type
scores
url	https://security.gentoo.org/glsa/201903-03

reference_url	https://access.redhat.com/errata/RHSA-2019:3701
reference_id	RHSA-2019:3701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3701

fixed_packages

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2019-3822

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrnc-7ywu-37cz

url VCID-rt5e-saz2-j7c9

vulnerability_id VCID-rt5e-saz2-j7c9

summary libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000007

reference_id

reference_type

scores

value	0.03854
scoring_system	epss
scoring_elements	0.88416
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000007

reference_url

https://curl.se/docs/CVE-2018-1000007.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000007.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537125
reference_id	1537125
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537125

reference_url	https://security.archlinux.org/ASA-201801-20
reference_id	ASA-201801-20
reference_type
scores
url	https://security.archlinux.org/ASA-201801-20

reference_url	https://security.archlinux.org/ASA-201801-22
reference_id	ASA-201801-22
reference_type
scores
url	https://security.archlinux.org/ASA-201801-22

reference_url	https://security.archlinux.org/ASA-201801-23
reference_id	ASA-201801-23
reference_type
scores
url	https://security.archlinux.org/ASA-201801-23

reference_url	https://security.archlinux.org/ASA-201801-24
reference_id	ASA-201801-24
reference_type
scores
url	https://security.archlinux.org/ASA-201801-24

reference_url	https://security.archlinux.org/ASA-201801-25
reference_id	ASA-201801-25
reference_type
scores
url	https://security.archlinux.org/ASA-201801-25

reference_url	https://security.archlinux.org/ASA-201801-26
reference_id	ASA-201801-26
reference_type
scores
url	https://security.archlinux.org/ASA-201801-26

reference_url

https://security.archlinux.org/AVG-593

reference_id

AVG-593

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-593

reference_url

https://security.archlinux.org/AVG-594

reference_id

AVG-594

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-594

reference_url

https://security.archlinux.org/AVG-595

reference_id

AVG-595

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-595

reference_url

https://security.archlinux.org/AVG-596

reference_id

AVG-596

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-596

reference_url

https://security.archlinux.org/AVG-597

reference_id

AVG-597

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-597

reference_url

https://security.archlinux.org/AVG-598

reference_id

AVG-598

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-598

reference_url	https://security.gentoo.org/glsa/201804-04
reference_id	GLSA-201804-04
reference_type
scores
url	https://security.gentoo.org/glsa/201804-04

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

aliases CVE-2018-1000007

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rt5e-saz2-j7c9

url VCID-sesh-938m-x3f8

vulnerability_id VCID-sesh-938m-x3f8

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8618

reference_id

reference_type

scores

value	0.01811
scoring_system	epss
scoring_elements	0.83176
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8618

reference_url

https://curl.se/docs/CVE-2016-8618.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8618.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388378
reference_id	1388378
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388378

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8618

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sesh-938m-x3f8

url VCID-snsg-c2up-b7cn

vulnerability_id VCID-snsg-c2up-b7cn

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8623

reference_id

reference_type

scores

value	0.01171
scoring_system	epss
scoring_elements	0.79018
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8623

reference_url

https://curl.se/docs/CVE-2016-8623.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8623.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388388
reference_id	1388388
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388388

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8623

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snsg-c2up-b7cn

url VCID-swmn-7ns9-ekg1

vulnerability_id VCID-swmn-7ns9-ekg1

summary An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.

references

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000257

reference_id

reference_type

scores

value	0.00863
scoring_system	epss
scoring_elements	0.75438
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000257

reference_url

https://curl.se/docs/CVE-2017-1000257.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-1000257.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1503705
reference_id	1503705
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1503705

reference_url	https://security.archlinux.org/ASA-201711-10
reference_id	ASA-201711-10
reference_type
scores
url	https://security.archlinux.org/ASA-201711-10

reference_url	https://security.archlinux.org/ASA-201711-11
reference_id	ASA-201711-11
reference_type
scores
url	https://security.archlinux.org/ASA-201711-11

reference_url	https://security.archlinux.org/ASA-201711-6
reference_id	ASA-201711-6
reference_type
scores
url	https://security.archlinux.org/ASA-201711-6

reference_url	https://security.archlinux.org/ASA-201711-7
reference_id	ASA-201711-7
reference_type
scores
url	https://security.archlinux.org/ASA-201711-7

reference_url	https://security.archlinux.org/ASA-201711-8
reference_id	ASA-201711-8
reference_type
scores
url	https://security.archlinux.org/ASA-201711-8

reference_url	https://security.archlinux.org/ASA-201711-9
reference_id	ASA-201711-9
reference_type
scores
url	https://security.archlinux.org/ASA-201711-9

reference_url

https://security.archlinux.org/AVG-462

reference_id

AVG-462

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-462

reference_url

https://security.archlinux.org/AVG-463

reference_id

AVG-463

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-463

reference_url

https://security.archlinux.org/AVG-464

reference_id

AVG-464

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-464

reference_url

https://security.archlinux.org/AVG-465

reference_id

AVG-465

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-465

reference_url

https://security.archlinux.org/AVG-466

reference_id

AVG-466

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-466

reference_url

https://security.archlinux.org/AVG-467

reference_id

AVG-467

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-467

reference_url	https://access.redhat.com/errata/RHSA-2017:3263
reference_id	RHSA-2017:3263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3263

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

aliases CVE-2017-1000257

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swmn-7ns9-ekg1

url VCID-tcxd-z7f3-kkes

vulnerability_id VCID-tcxd-z7f3-kkes

summary arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5436

reference_id

reference_type

scores

value	0.15484
scoring_system	epss
scoring_elements	0.94788
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5436

reference_url

https://curl.se/docs/CVE-2019-5436.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2019-5436.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436

reference_url	https://hackerone.com/reports/550696
reference_id
reference_type
scores
url	https://hackerone.com/reports/550696

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1710620
reference_id	1710620
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1710620

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351
reference_id	929351
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351

reference_url	https://security.archlinux.org/ASA-201905-11
reference_id	ASA-201905-11
reference_type
scores
url	https://security.archlinux.org/ASA-201905-11

reference_url	https://security.archlinux.org/ASA-201905-12
reference_id	ASA-201905-12
reference_type
scores
url	https://security.archlinux.org/ASA-201905-12

reference_url	https://security.archlinux.org/ASA-201905-13
reference_id	ASA-201905-13
reference_type
scores
url	https://security.archlinux.org/ASA-201905-13

reference_url	https://security.archlinux.org/ASA-201905-14
reference_id	ASA-201905-14
reference_type
scores
url	https://security.archlinux.org/ASA-201905-14

reference_url	https://security.archlinux.org/ASA-201905-15
reference_id	ASA-201905-15
reference_type
scores
url	https://security.archlinux.org/ASA-201905-15

reference_url	https://security.archlinux.org/ASA-201905-16
reference_id	ASA-201905-16
reference_type
scores
url	https://security.archlinux.org/ASA-201905-16

reference_url

https://security.archlinux.org/AVG-959

reference_id

AVG-959

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-959

reference_url

https://security.archlinux.org/AVG-960

reference_id

AVG-960

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-960

reference_url

reference_id

AVG-961

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-962

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-963

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-964

reference_url

reference_id

AVG-964

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-964

reference_url	https://security.gentoo.org/glsa/202003-29
reference_id	GLSA-202003-29
reference_type
scores
url	https://security.gentoo.org/glsa/202003-29

reference_url	https://access.redhat.com/errata/RHSA-2020:1020
reference_id	RHSA-2020:1020
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1020

reference_url	https://access.redhat.com/errata/RHSA-2020:1792
reference_id	RHSA-2020:1792
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1792

reference_url	https://access.redhat.com/errata/RHSA-2020:2505
reference_id	RHSA-2020:2505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2505

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2019-5436

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tcxd-z7f3-kkes

url VCID-tyqp-e8cp-dbbm

vulnerability_id VCID-tyqp-e8cp-dbbm

summary cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0139.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0139.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0139

reference_id

reference_type

scores

value	0.01626
scoring_system	epss
scoring_elements	0.82203
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0139

reference_url

https://curl.se/docs/CVE-2014-0139.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-0139.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1079149
reference_id	1079149
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1079149

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728
reference_id	742728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728

reference_url	https://security.gentoo.org/glsa/201406-21
reference_id	GLSA-201406-21
reference_type
scores
url	https://security.gentoo.org/glsa/201406-21

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2014-0139

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tyqp-e8cp-dbbm

url VCID-ubnn-z97k-47gw

vulnerability_id VCID-ubnn-z97k-47gw

summary arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16840.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16840.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16840

reference_id

reference_type

scores

value	0.0029
scoring_system	epss
scoring_elements	0.52638
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16840

reference_url

https://curl.se/docs/CVE-2018-16840.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-16840.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1642203
reference_id	1642203
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1642203

reference_url	https://security.archlinux.org/ASA-201811-4
reference_id	ASA-201811-4
reference_type
scores
url	https://security.archlinux.org/ASA-201811-4

reference_url	https://security.archlinux.org/ASA-201811-5
reference_id	ASA-201811-5
reference_type
scores
url	https://security.archlinux.org/ASA-201811-5

reference_url	https://security.archlinux.org/ASA-201811-6
reference_id	ASA-201811-6
reference_type
scores
url	https://security.archlinux.org/ASA-201811-6

reference_url	https://security.archlinux.org/ASA-201811-7
reference_id	ASA-201811-7
reference_type
scores
url	https://security.archlinux.org/ASA-201811-7

reference_url	https://security.archlinux.org/ASA-201811-8
reference_id	ASA-201811-8
reference_type
scores
url	https://security.archlinux.org/ASA-201811-8

reference_url	https://security.archlinux.org/ASA-201811-9
reference_id	ASA-201811-9
reference_type
scores
url	https://security.archlinux.org/ASA-201811-9

reference_url

reference_id

AVG-795

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-796

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-797

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-798

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-799

reference_url

reference_id

AVG-799

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-799

reference_url

https://security.archlinux.org/AVG-800

reference_id

AVG-800

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-800

reference_url	https://security.gentoo.org/glsa/201903-03
reference_id	GLSA-201903-03
reference_type
scores
url	https://security.gentoo.org/glsa/201903-03

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2018-16840

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ubnn-z97k-47gw

url VCID-uh5a-zcds-3bcc

vulnerability_id VCID-uh5a-zcds-3bcc

summary cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3613

reference_id

reference_type

scores

value	0.0182
scoring_system	epss
scoring_elements	0.83211
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3613

reference_url

https://curl.se/docs/CVE-2014-3613.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-3613.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1136154
reference_id	1136154
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1136154

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

fixed_packages

url pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

purl pkg:deb/debian/curl@7.26.0-1%2Bwheezy13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5svr-3vv9-mqea

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-p9v4-nweu-vydg

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-rt5e-saz2-j7c9

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-swmn-7ns9-ekg1

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.26.0-1%252Bwheezy13

aliases CVE-2014-3613

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uh5a-zcds-3bcc

url VCID-vfc1-yy11-bycp

vulnerability_id VCID-vfc1-yy11-bycp

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8619

reference_id

reference_type

scores

value	0.03314
scoring_system	epss
scoring_elements	0.87485
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8619

reference_url

https://curl.se/docs/CVE-2016-8619.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8619.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388379
reference_id	1388379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388379

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5435.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8619

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfc1-yy11-bycp

url VCID-xc5k-47n9-43d6

vulnerability_id VCID-xc5k-47n9-43d6

summary arbitrary code execution

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5435.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5435

reference_id

reference_type

scores

value	0.00165
scoring_system	epss
scoring_elements	0.37229
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5435

reference_url

https://curl.se/docs/CVE-2019-5435.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2019-5435.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435

reference_url	https://hackerone.com/reports/547630
reference_id
reference_type
scores
url	https://hackerone.com/reports/547630

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1710609
reference_id	1710609
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1710609

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929352
reference_id	929352
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929352

reference_url	https://security.archlinux.org/ASA-201905-13
reference_id	ASA-201905-13
reference_type
scores
url	https://security.archlinux.org/ASA-201905-13

reference_url	https://security.archlinux.org/ASA-201905-14
reference_id	ASA-201905-14
reference_type
scores
url	https://security.archlinux.org/ASA-201905-14

reference_url	https://security.archlinux.org/ASA-201905-15
reference_id	ASA-201905-15
reference_type
scores
url	https://security.archlinux.org/ASA-201905-15

reference_url

reference_id

AVG-961

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-962

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-963

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json

reference_url	https://security.gentoo.org/glsa/202003-29
reference_id	GLSA-202003-29
reference_type
scores
url	https://security.gentoo.org/glsa/202003-29

reference_url	https://access.redhat.com/errata/RHSA-2020:4383
reference_id	RHSA-2020:4383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4383

reference_url	https://access.redhat.com/errata/RHSA-2020:4384
reference_id	RHSA-2020:4384
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4384

fixed_packages

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2019-5435

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xc5k-47n9-43d6

url VCID-xyze-msxs-1qem

vulnerability_id VCID-xyze-msxs-1qem

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8617

reference_id

reference_type

scores

value	0.00085
scoring_system	epss
scoring_elements	0.24672
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8617

reference_url

https://curl.se/docs/CVE-2016-8617.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8617.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388377
reference_id	1388377
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388377

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

purl pkg:deb/debian/curl@7.38.0-4%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y6d-7vfu-ybb3

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-51ac-1jc2-vfed

vulnerability	VCID-5xjw-u8ad-n3g5

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-av4f-gxku-qbhp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-q8ja-keyk-fyfb

vulnerability	VCID-qe9z-wuze-tucq

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-sesh-938m-x3f8

vulnerability	VCID-snsg-c2up-b7cn

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-vfc1-yy11-bycp

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-xyze-msxs-1qem

vulnerability	VCID-zg98-v6dj-s7gv

vulnerability	VCID-zv25-wupq-bqfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.38.0-4%252Bdeb8u11

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

aliases CVE-2016-8617

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xyze-msxs-1qem

url VCID-zg98-v6dj-s7gv

vulnerability_id VCID-zg98-v6dj-s7gv

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16842

reference_id

reference_type

scores

value	0.00162
scoring_system	epss
scoring_elements	0.36852
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16842

reference_url

https://curl.se/docs/CVE-2018-16842.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-16842.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1644124
reference_id	1644124
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1644124

reference_url	https://security.archlinux.org/ASA-201811-4
reference_id	ASA-201811-4
reference_type
scores
url	https://security.archlinux.org/ASA-201811-4

reference_url

reference_id

AVG-795

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json

reference_url	https://security.gentoo.org/glsa/201903-03
reference_id	GLSA-201903-03
reference_type
scores
url	https://security.gentoo.org/glsa/201903-03

reference_url	https://access.redhat.com/errata/RHSA-2019:2181
reference_id	RHSA-2019:2181
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2181

fixed_packages

url pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

purl pkg:deb/debian/curl@7.52.1-5%2Bdeb9u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ws4-1sak-r3ck

vulnerability	VCID-4hha-2z31-2bf8

vulnerability	VCID-6745-tyba-33fa

vulnerability	VCID-7jrx-ykk8-h3gp

vulnerability	VCID-bb6v-z8yg-6fe3

vulnerability	VCID-dj48-3dkt-dbdh

vulnerability	VCID-f8vu-23bb-5ue7

vulnerability	VCID-fhc8-r8gv-bugj

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

vulnerability	VCID-kae8-wmf2-2kf1

vulnerability	VCID-kn6z-caj8-bbc9

vulnerability	VCID-p7mn-a632-c3ag

vulnerability	VCID-qrnc-7ywu-37cz

vulnerability	VCID-tcxd-z7f3-kkes

vulnerability	VCID-ubnn-z97k-47gw

vulnerability	VCID-xc5k-47n9-43d6

vulnerability	VCID-zg98-v6dj-s7gv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.52.1-5%252Bdeb9u10

url pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

purl pkg:deb/debian/curl@7.64.0-4%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fp66-fzqt-6yg7

vulnerability	VCID-h6xj-mys4-pucf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.64.0-4%252Bdeb10u2

aliases CVE-2018-16842

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zg98-v6dj-s7gv

url VCID-zv25-wupq-bqfk

vulnerability_id VCID-zv25-wupq-bqfk

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8621

reference_id

reference_type

scores

value	0.03165
scoring_system	epss
scoring_elements	0.87167
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8621

reference_url

https://curl.se/docs/CVE-2016-8621.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8621.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388385
reference_id	1388385
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388385

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url