Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/472?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/472?format=api", "purl": "pkg:generic/curl.se/curl@7.8.0", "type": "generic", "namespace": "curl.se", "name": "curl", "version": "7.8.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8.20.0", "latest_non_vulnerable_version": "8.20.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/687?format=api", "vulnerability_id": "VCID-1bn6-efkw-uyfc", "summary": "FTP PWD response parser out of bounds read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01318", "scoring_system": "epss", "scoring_elements": "0.8018", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000254" }, { "reference_url": "https://curl.se/docs/CVE-2017-1000254.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000254.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541", "reference_id": "1495541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495541" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671", "reference_id": "877671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671" }, { "reference_url": "https://security.archlinux.org/ASA-201710-2", "reference_id": "ASA-201710-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-2" }, { "reference_url": "https://security.archlinux.org/ASA-201710-3", "reference_id": "ASA-201710-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-3" }, { "reference_url": "https://security.archlinux.org/ASA-201710-4", "reference_id": "ASA-201710-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-4" }, { "reference_url": "https://security.archlinux.org/ASA-201710-5", "reference_id": "ASA-201710-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-5" }, { "reference_url": "https://security.archlinux.org/ASA-201710-6", "reference_id": "ASA-201710-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-6" }, { "reference_url": "https://security.archlinux.org/ASA-201710-7", "reference_id": "ASA-201710-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-7" }, { "reference_url": "https://security.archlinux.org/AVG-371", "reference_id": "AVG-371", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-371" }, { "reference_url": "https://security.archlinux.org/AVG-386", "reference_id": "AVG-386", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-386" }, { "reference_url": "https://security.archlinux.org/AVG-387", "reference_id": "AVG-387", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-387" }, { "reference_url": "https://security.archlinux.org/AVG-388", "reference_id": "AVG-388", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-388" }, { "reference_url": "https://security.archlinux.org/AVG-389", "reference_id": "AVG-389", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-389" }, { "reference_url": "https://security.archlinux.org/AVG-422", "reference_id": "AVG-422", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-422" }, { "reference_url": "https://security.gentoo.org/glsa/201712-04", "reference_id": "GLSA-201712-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201712-04" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/386?format=api", "purl": "pkg:generic/curl.se/curl@7.56.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-447t-29ej-aqee" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bnbs-6a5a-5yc2" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pmd1-casv-zuhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.56.0" } ], "aliases": [ "CVE-2017-1000254" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bn6-efkw-uyfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/752?format=api", "vulnerability_id": "VCID-258j-152p-43dg", "summary": "Authentication Buffer Overflows", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0490.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02576", "scoring_system": "epss", "scoring_elements": "0.85814", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0490" }, { "reference_url": "https://curl.se/docs/CVE-2005-0490.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2005-0490.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617532", "reference_id": "1617532", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:340", "reference_id": "RHSA-2005:340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:340" }, { "reference_url": "https://usn.ubuntu.com/86-1/", "reference_id": "USN-86-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/86-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/301?format=api", "purl": "pkg:generic/curl.se/curl@7.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3kbr-qnc1-2qe5" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5nu4-me98-wke7" }, { "vulnerability": "VCID-666z-hjum-xkhp" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7pjs-3euy-t7en" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7tq8-kvpk-1bd3" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tw4-88jh-qfes" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bh7z-r44d-afhu" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-cc14-xuqm-fue4" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-d7j3-jmjs-rbag" }, { "vulnerability": "VCID-eqxv-c77t-p3hy" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fk4f-1fft-b3gh" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-rvcr-16nj-r7f7" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-whqe-uwbe-wfgf" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yf3m-cda8-83bw" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.13.1" } ], "aliases": [ "CVE-2005-0490" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-258j-152p-43dg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/628?format=api", "vulnerability_id": "VCID-2fqs-x6nt-87ea", "summary": "POST following PUT confusion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01759", "scoring_system": "epss", "scoring_elements": "0.82922", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32221" }, { "reference_url": "https://curl.se/docs/CVE-2022-32221.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-32221.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1704017", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://hackerone.com/reports/1704017" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/19", "reference_id": "19", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411", "reference_id": "2135411", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/05/17/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5330", "reference_id": "dsa-5330", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://support.apple.com/kb/HT213605", "reference_id": "HT213605", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://support.apple.com/kb/HT213605" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230110-0006/", "reference_id": "ntap-20230110-0006", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230208-0002/", "reference_id": "ntap-20230208-0002", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0333", "reference_id": "RHSA-2023:0333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4139", "reference_id": "RHSA-2023:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4139" }, { "reference_url": "https://usn.ubuntu.com/5702-1/", "reference_id": "USN-5702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-1/" }, { "reference_url": "https://usn.ubuntu.com/5702-2/", "reference_id": "USN-5702-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5702-2/" }, { "reference_url": "https://usn.ubuntu.com/5823-1/", "reference_id": "USN-5823-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5823-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/427?format=api", "purl": "pkg:generic/curl.se/curl@7.86.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0" } ], "aliases": [ "CVE-2022-32221" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2fqs-x6nt-87ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/703?format=api", "vulnerability_id": "VCID-2hcz-2g46-jkgf", "summary": "double free in krb5 code", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03314", "scoring_system": "epss", "scoring_elements": "0.87474", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8619" }, { "reference_url": "https://curl.se/docs/CVE-2016-8619.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8619.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379", "reference_id": "1388379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388379" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8619" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hcz-2g46-jkgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/653?format=api", "vulnerability_id": "VCID-2wp5-xvyh-cyaa", "summary": "TELNET stack contents disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33336", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22898" }, { "reference_url": "https://curl.se/docs/CVE-2021-22898.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://curl.se/docs/CVE-2021-22898.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1176461", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://hackerone.com/reports/1176461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964887", "reference_id": "1964887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964887" }, { "reference_url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde", "reference_id": "39ce47f219b09c380b81f89fe54ac586c8db6bde", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/07/21/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/07/21/4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228", "reference_id": "989228", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228" }, { "reference_url": "https://security.archlinux.org/ASA-202106-4", "reference_id": "ASA-202106-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-4" }, { "reference_url": "https://security.archlinux.org/ASA-202106-5", "reference_id": "ASA-202106-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-5" }, { "reference_url": "https://security.archlinux.org/ASA-202106-6", "reference_id": "ASA-202106-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-6" }, { "reference_url": "https://security.archlinux.org/ASA-202106-7", "reference_id": "ASA-202106-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-7" }, { "reference_url": "https://security.archlinux.org/ASA-202106-8", "reference_id": "ASA-202106-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-8" }, { "reference_url": "https://security.archlinux.org/ASA-202106-9", "reference_id": "ASA-202106-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-9" }, { "reference_url": "https://security.archlinux.org/AVG-1995", "reference_id": "AVG-1995", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1995" }, { "reference_url": "https://security.archlinux.org/AVG-1996", "reference_id": "AVG-1996", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1996" }, { "reference_url": "https://security.archlinux.org/AVG-1997", "reference_id": "AVG-1997", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1997" }, { "reference_url": "https://security.archlinux.org/AVG-1998", "reference_id": "AVG-1998", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1998" }, { "reference_url": "https://security.archlinux.org/AVG-1999", "reference_id": "AVG-1999", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1999" }, { "reference_url": "https://security.archlinux.org/AVG-2000", "reference_id": "AVG-2000", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2000" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/", "reference_id": "POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/" }, { "reference_url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_id": "rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/" } ], "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/416?format=api", "purl": "pkg:generic/curl.se/curl@7.77.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.77.0" } ], "aliases": [ "CVE-2021-22898" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2wp5-xvyh-cyaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/693?format=api", "vulnerability_id": "VCID-3er6-ss7m-xqf1", "summary": "--write-out out of buffer read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42086", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7407" }, { "reference_url": "https://curl.se/docs/CVE-2017-7407.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-7407.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:P/I:N/A:N" }, { "value": "2.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190", "reference_id": "1439190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439190" }, { "reference_url": "https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13", "reference_id": "1890d59905414ab84a35892b2e45833654aa5c13", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/" } ], "url": "https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500", "reference_id": "859500", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500" }, { "reference_url": "https://security.gentoo.org/glsa/201709-14", "reference_id": "GLSA-201709-14", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/" } ], "url": "https://security.gentoo.org/glsa/201709-14" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382?format=api", "purl": "pkg:generic/curl.se/curl@7.54.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-avve-zptn-6ka9" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.54.0" } ], "aliases": [ "CVE-2017-7407" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3er6-ss7m-xqf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/730?format=api", "vulnerability_id": "VCID-3kbr-qnc1-2qe5", "summary": "cookie leak with IP address as domain", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0182", "scoring_system": "epss", "scoring_elements": "0.83185", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3613" }, { "reference_url": "https://curl.se/docs/CVE-2014-3613.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-3613.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154", "reference_id": "1136154", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2346-1/", "reference_id": "USN-2346-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2346-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/358?format=api", "purl": "pkg:generic/curl.se/curl@7.38.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5bqj-5jb4-vqdp" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-8mbn-f7qx-dfbg" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-9w51-97c9-4qdm" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b1e2-ngtx-puge" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bh36-c1md-p3gs" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fcav-jjqy-tqfy" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h6bv-tsyf-vqcv" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yf3m-cda8-83bw" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.38.0" } ], "aliases": [ "CVE-2014-3613" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kbr-qnc1-2qe5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/629?format=api", "vulnerability_id": "VCID-3vxw-r6zv-syhb", "summary": "control code in cookie denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52535", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35252" }, { "reference_url": "https://curl.se/docs/CVE-2022-35252.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-35252.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1613943", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://hackerone.com/reports/1613943" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831", "reference_id": "1018831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/20", "reference_id": "20", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jan/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jan/21" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718", "reference_id": "2120718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120718" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT213603", "reference_id": "HT213603", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213603" }, { "reference_url": "https://support.apple.com/kb/HT213604", "reference_id": "HT213604", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://support.apple.com/kb/HT213604" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220930-0005/", "reference_id": "ntap-20220930-0005", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220930-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2478", "reference_id": "RHSA-2023:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2963", "reference_id": "RHSA-2023:2963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://usn.ubuntu.com/5587-1/", "reference_id": "USN-5587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/426?format=api", "purl": "pkg:generic/curl.se/curl@7.85.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-72yf-89en-1fff" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0" } ], "aliases": [ "CVE-2022-35252" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3vxw-r6zv-syhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/700?format=api", "vulnerability_id": "VCID-57nq-b14c-duew", "summary": "case insensitive password comparison", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04507", "scoring_system": "epss", "scoring_elements": "0.89312", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8616" }, { "reference_url": "https://curl.se/docs/CVE-2016-8616.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8616.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371", "reference_id": "1388371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388371" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8616" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57nq-b14c-duew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/739?format=api", "vulnerability_id": "VCID-5nu4-me98-wke7", "summary": "cookie domain tailmatch", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02482", "scoring_system": "epss", "scoring_elements": "0.85546", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1944" }, { "reference_url": "https://curl.se/docs/CVE-2013-1944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-1944.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274", "reference_id": "705274", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=950577", "reference_id": "950577", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=950577" }, { "reference_url": "https://security.gentoo.org/glsa/201401-14", "reference_id": "GLSA-201401-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0771", "reference_id": "RHSA-2013:0771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0771" }, { "reference_url": "https://usn.ubuntu.com/1801-1/", "reference_id": "USN-1801-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1801-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/349?format=api", "purl": "pkg:generic/curl.se/curl@7.30.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-33at-jrsw-23bg" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3kbr-qnc1-2qe5" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5bqj-5jb4-vqdp" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-9tw4-88jh-qfes" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-efue-w21e-rbev" }, { "vulnerability": "VCID-eqxv-c77t-p3hy" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fk4f-1fft-b3gh" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h6bv-tsyf-vqcv" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-rsr8-dx1t-tka9" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-whqe-uwbe-wfgf" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yf3m-cda8-83bw" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" }, { "vulnerability": "VCID-zupa-pczr-jbch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.30.0" } ], "aliases": [ "CVE-2013-1944" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5nu4-me98-wke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/708?format=api", "vulnerability_id": "VCID-7bqs-7j62-uba5", "summary": "invalid URL parsing with '#'", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.80489", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8624" }, { "reference_url": "https://curl.se/docs/CVE-2016-8624.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8624.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390", "reference_id": "1388390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388390" }, { "reference_url": "http://www.securityfocus.com/bid/94103", "reference_id": "94103", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "http://www.securityfocus.com/bid/94103" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102J.html", "reference_id": "adv_20161102J.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102J.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E", "reference_id": "rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624", "reference_id": "show_bug.cgi?id=CVE-2016-8624", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8624" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7bqs-7j62-uba5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/702?format=api", "vulnerability_id": "VCID-7g9f-6sg4-s3es", "summary": "double free in curl_maprintf", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01811", "scoring_system": "epss", "scoring_elements": "0.83152", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8618" }, { "reference_url": "https://curl.se/docs/CVE-2016-8618.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8618.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378", "reference_id": "1388378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388378" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8618" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7g9f-6sg4-s3es" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/747?format=api", "vulnerability_id": "VCID-7pjs-3euy-t7en", "summary": "Arbitrary File Access", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0037.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09919", "scoring_system": "epss", "scoring_elements": "0.93143", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0037" }, { "reference_url": "https://curl.se/docs/CVE-2009-0037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2009-0037.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=485271", "reference_id": "485271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485271" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423", "reference_id": "518423", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518423" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt", "reference_id": "CVE-2009-0037;OSVDB-53572", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32834.txt" }, { "reference_url": "https://www.securityfocus.com/bid/33962/info", "reference_id": "CVE-2009-0037;OSVDB-53572", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/33962/info" }, { "reference_url": "https://security.gentoo.org/glsa/200903-21", "reference_id": "GLSA-200903-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200903-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0341", "reference_id": "RHSA-2009:0341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0341" }, { "reference_url": "https://usn.ubuntu.com/726-1/", "reference_id": "USN-726-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/726-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/325?format=api", "purl": "pkg:generic/curl.se/curl@7.19.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-33at-jrsw-23bg" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3kbr-qnc1-2qe5" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5nu4-me98-wke7" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7tq8-kvpk-1bd3" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tw4-88jh-qfes" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bh7z-r44d-afhu" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-cc14-xuqm-fue4" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-eqxv-c77t-p3hy" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fk4f-1fft-b3gh" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h6bv-tsyf-vqcv" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-rvcr-16nj-r7f7" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-whqe-uwbe-wfgf" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yf3m-cda8-83bw" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.19.4" } ], "aliases": [ "CVE-2009-0037" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7pjs-3euy-t7en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/681?format=api", "vulnerability_id": "VCID-b3wx-mq6y-gye7", "summary": "HTTP authentication leak in redirects", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03854", "scoring_system": "epss", "scoring_elements": "0.88405", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000007" }, { "reference_url": "https://curl.se/docs/CVE-2018-1000007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2018-1000007.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125", "reference_id": "1537125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537125" }, { "reference_url": "https://security.archlinux.org/ASA-201801-20", "reference_id": "ASA-201801-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-20" }, { "reference_url": "https://security.archlinux.org/ASA-201801-22", "reference_id": "ASA-201801-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-22" }, { "reference_url": "https://security.archlinux.org/ASA-201801-23", "reference_id": "ASA-201801-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-23" }, { "reference_url": "https://security.archlinux.org/ASA-201801-24", "reference_id": "ASA-201801-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-24" }, { "reference_url": "https://security.archlinux.org/ASA-201801-25", "reference_id": "ASA-201801-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-25" }, { "reference_url": "https://security.archlinux.org/ASA-201801-26", "reference_id": "ASA-201801-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-26" }, { "reference_url": "https://security.archlinux.org/AVG-593", "reference_id": "AVG-593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-593" }, { "reference_url": "https://security.archlinux.org/AVG-594", "reference_id": "AVG-594", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-594" }, { "reference_url": "https://security.archlinux.org/AVG-595", "reference_id": "AVG-595", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-595" }, { "reference_url": "https://security.archlinux.org/AVG-596", "reference_id": "AVG-596", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-596" }, { "reference_url": "https://security.archlinux.org/AVG-597", "reference_id": "AVG-597", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-597" }, { "reference_url": "https://security.archlinux.org/AVG-598", "reference_id": "AVG-598", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-598" }, { "reference_url": "https://security.gentoo.org/glsa/201804-04", "reference_id": "GLSA-201804-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-04" }, { "reference_url": "https://usn.ubuntu.com/3554-1/", "reference_id": "USN-3554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-1/" }, { "reference_url": "https://usn.ubuntu.com/3554-2/", "reference_id": "USN-3554-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3554-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/389?format=api", "purl": "pkg:generic/curl.se/curl@7.58.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-447t-29ej-aqee" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bnbs-6a5a-5yc2" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0" } ], "aliases": [ "CVE-2018-1000007" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b3wx-mq6y-gye7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/610?format=api", "vulnerability_id": "VCID-b788-g7hy-xqf9", "summary": "more POST-after-PUT confusion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70637", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28322" }, { "reference_url": "https://curl.se/docs/CVE-2023-28322.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-28322.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1954658", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://hackerone.com/reports/1954658" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239", "reference_id": "1036239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793", "reference_id": "2196793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/47", "reference_id": "47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/48", "reference_id": "48", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Jul/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/", "reference_id": "F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://support.apple.com/kb/HT213844", "reference_id": "HT213844", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213844" }, { "reference_url": "https://support.apple.com/kb/HT213845", "reference_id": "HT213845", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://support.apple.com/kb/HT213845" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230609-0009/", "reference_id": "ntap-20230609-0009", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4354", "reference_id": "RHSA-2023:4354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5598", "reference_id": "RHSA-2023:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0428", "reference_id": "RHSA-2024:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0585", "reference_id": "RHSA-2024:0585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1601", "reference_id": "RHSA-2024:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2092", "reference_id": "RHSA-2024:2092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2093", "reference_id": "RHSA-2024:2093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "reference_url": "https://usn.ubuntu.com/6237-1/", "reference_id": "USN-6237-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-1/" }, { "reference_url": "https://usn.ubuntu.com/6237-3/", "reference_id": "USN-6237-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6237-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/", "reference_id": "Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433?format=api", "purl": "pkg:generic/curl.se/curl@8.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0" } ], "aliases": [ "CVE-2023-28322" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b788-g7hy-xqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/713?format=api", "vulnerability_id": "VCID-btbt-n6nq-9fer", "summary": "Reusing connections with wrong client cert", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01071", "scoring_system": "epss", "scoring_elements": "0.78041", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5420" }, { "reference_url": "https://curl.se/docs/CVE-2016-5420.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5420.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190", "reference_id": "1362190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362190" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/374?format=api", "purl": "pkg:generic/curl.se/curl@7.50.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b1e2-ngtx-puge" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.1" } ], "aliases": [ "CVE-2016-5420" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btbt-n6nq-9fer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/712?format=api", "vulnerability_id": "VCID-cks2-k7t6-a3gt", "summary": "TLS session resumption client cert bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83606", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5419" }, { "reference_url": "https://curl.se/docs/CVE-2016-5419.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-5419.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183", "reference_id": "1362183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362183" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2575", "reference_id": "RHSA-2016:2575", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3048-1/", "reference_id": "USN-3048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3048-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/374?format=api", "purl": "pkg:generic/curl.se/curl@7.50.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b1e2-ngtx-puge" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.1" } ], "aliases": [ "CVE-2016-5419" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cks2-k7t6-a3gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/753?format=api", "vulnerability_id": "VCID-eb8m-4cvx-7kex", "summary": "Proxy Authentication Header Information Leakage", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59683", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1605" }, { "reference_url": "https://curl.se/docs/CVE-2003-1605.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2003-1605.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/463?format=api", "purl": "pkg:generic/curl.se/curl@7.10.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-258j-152p-43dg" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3kbr-qnc1-2qe5" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5nu4-me98-wke7" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7pjs-3euy-t7en" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7tq8-kvpk-1bd3" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tw4-88jh-qfes" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bh7z-r44d-afhu" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-cc14-xuqm-fue4" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-d7j3-jmjs-rbag" }, { "vulnerability": "VCID-eqxv-c77t-p3hy" }, { "vulnerability": "VCID-fk4f-1fft-b3gh" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-rvcr-16nj-r7f7" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-whqe-uwbe-wfgf" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yf3m-cda8-83bw" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.10.7" } ], "aliases": [ "CVE-2003-1605" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb8m-4cvx-7kex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/656?format=api", "vulnerability_id": "VCID-gnc8-1tfm-yqbd", "summary": "Automatic referer leaks credentials", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29924", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22876" }, { "reference_url": "https://curl.se/docs/CVE-2021-22876.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1101882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://hackerone.com/reports/1101882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964", "reference_id": "1941964", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941964" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/", "reference_id": "2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269", "reference_id": "986269", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269" }, { "reference_url": "https://security.archlinux.org/AVG-1753", "reference_id": "AVG-1753", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1753" }, { "reference_url": "https://security.archlinux.org/AVG-1754", "reference_id": "AVG-1754", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1754" }, { "reference_url": "https://security.archlinux.org/AVG-1755", "reference_id": "AVG-1755", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1755" }, { "reference_url": "https://security.archlinux.org/AVG-1756", "reference_id": "AVG-1756", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1756" }, { "reference_url": "https://security.archlinux.org/AVG-1757", "reference_id": "AVG-1757", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1757" }, { "reference_url": "https://security.archlinux.org/AVG-1758", "reference_id": "AVG-1758", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1758" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876", "reference_id": "CVE-2021-22876", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876" }, { "reference_url": "https://security.gentoo.org/glsa/202105-36", "reference_id": "GLSA-202105-36", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/", "reference_id": "ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/", "reference_id": "KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210521-0007/", "reference_id": "ntap-20210521-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1354", "reference_id": "RHSA-2022:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1354" }, { "reference_url": "https://usn.ubuntu.com/4898-1/", "reference_id": "USN-4898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4898-1/" }, { "reference_url": "https://usn.ubuntu.com/4903-1/", "reference_id": "USN-4903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/414?format=api", "purl": "pkg:generic/curl.se/curl@7.76.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sgq9-uyy6-dbeb" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.76.0" } ], "aliases": [ "CVE-2021-22876" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnc8-1tfm-yqbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/648?format=api", "vulnerability_id": "VCID-h9pa-n4v6-c7c6", "summary": "TELNET stack contents disclosure again", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46211", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-22925" }, { "reference_url": "https://curl.se/docs/CVE-2021-22925.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2021-22925.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1223882", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://hackerone.com/reports/1223882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970902", "reference_id": "1970902", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970902" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/39", "reference_id": "39", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/39" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/40", "reference_id": "40", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2021/Sep/40" }, { "reference_url": "https://security.archlinux.org/ASA-202107-59", "reference_id": "ASA-202107-59", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-59" }, { "reference_url": "https://security.archlinux.org/ASA-202107-60", "reference_id": "ASA-202107-60", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-60" }, { "reference_url": "https://security.archlinux.org/ASA-202107-61", "reference_id": "ASA-202107-61", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-61" }, { "reference_url": "https://security.archlinux.org/ASA-202107-62", "reference_id": "ASA-202107-62", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-62" }, { "reference_url": "https://security.archlinux.org/ASA-202107-63", "reference_id": "ASA-202107-63", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-63" }, { "reference_url": "https://security.archlinux.org/ASA-202107-64", "reference_id": "ASA-202107-64", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-64" }, { "reference_url": "https://security.archlinux.org/AVG-2194", "reference_id": "AVG-2194", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2194" }, { "reference_url": "https://security.archlinux.org/AVG-2195", "reference_id": "AVG-2195", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2195" }, { "reference_url": "https://security.archlinux.org/AVG-2196", "reference_id": "AVG-2196", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2196" }, { "reference_url": "https://security.archlinux.org/AVG-2197", "reference_id": "AVG-2197", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2197" }, { "reference_url": "https://security.archlinux.org/AVG-2198", "reference_id": "AVG-2198", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2198" }, { "reference_url": "https://security.archlinux.org/AVG-2199", "reference_id": "AVG-2199", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2199" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "reference_id": "FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://support.apple.com/kb/HT212804", "reference_id": "HT212804", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212804" }, { "reference_url": "https://support.apple.com/kb/HT212805", "reference_id": "HT212805", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://support.apple.com/kb/HT212805" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "reference_id": "ntap-20210902-0003", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4511", "reference_id": "RHSA-2021:4511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4511" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "reference_id": "ssa-484086.pdf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "reference_url": "https://usn.ubuntu.com/5021-1/", "reference_id": "USN-5021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-1/" }, { "reference_url": "https://usn.ubuntu.com/5021-2/", "reference_id": "USN-5021-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5021-2/" }, { "reference_url": "https://usn.ubuntu.com/5894-1/", "reference_id": "USN-5894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417?format=api", "purl": "pkg:generic/curl.se/curl@7.78.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0" } ], "aliases": [ "CVE-2021-22925" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h9pa-n4v6-c7c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/576?format=api", "vulnerability_id": "VCID-hjn9-ubdc-2qh9", "summary": "wrong proxy connection reuse with credentials", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06894", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3784" }, { "reference_url": "https://curl.se/docs/CVE-2026-3784.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://curl.se/docs/CVE-2026-3784.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/3584903", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://hackerone.com/reports/3584903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446449", "reference_id": "2446449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446449" }, { "reference_url": "https://curl.se/docs/CVE-2026-3784.json", "reference_id": "CVE-2026-3784.json", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/" } ], "url": "https://curl.se/docs/CVE-2026-3784.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6893", "reference_id": "RHSA-2026:6893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6893" }, { "reference_url": "https://usn.ubuntu.com/8084-1/", "reference_id": "USN-8084-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8084-1/" }, { "reference_url": "https://usn.ubuntu.com/8099-1/", "reference_id": "USN-8099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/460?format=api", "purl": "pkg:generic/curl.se/curl@8.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-hvcc-xfqv-8fez" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-wqeb-6u57-4bck" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0" } ], "aliases": [ "CVE-2026-3784" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hjn9-ubdc-2qh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/699?format=api", "vulnerability_id": "VCID-md9a-5z1n-j7ex", "summary": "cookie injection for other servers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04293", "scoring_system": "epss", "scoring_elements": "0.89037", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8615" }, { "reference_url": "https://curl.se/docs/CVE-2016-8615.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-8615.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037192", "reference_id": "1037192", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "http://www.securitytracker.com/id/1037192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370", "reference_id": "1388370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388370" }, { "reference_url": "http://www.securityfocus.com/bid/94096", "reference_id": "94096", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "http://www.securityfocus.com/bid/94096" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161102A.html", "reference_id": "adv_20161102A.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161102A.html" }, { "reference_url": "https://security.archlinux.org/ASA-201611-10", "reference_id": "ASA-201611-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-10" }, { "reference_url": "https://security.archlinux.org/ASA-201611-4", "reference_id": "ASA-201611-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-4" }, { "reference_url": "https://security.archlinux.org/ASA-201611-5", "reference_id": "ASA-201611-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-5" }, { "reference_url": "https://security.archlinux.org/ASA-201611-7", "reference_id": "ASA-201611-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-7" }, { "reference_url": "https://security.archlinux.org/ASA-201611-8", "reference_id": "ASA-201611-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-8" }, { "reference_url": "https://security.archlinux.org/ASA-201611-9", "reference_id": "ASA-201611-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-9" }, { "reference_url": "https://security.archlinux.org/AVG-60", "reference_id": "AVG-60", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-60" }, { "reference_url": "https://security.archlinux.org/AVG-61", "reference_id": "AVG-61", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-61" }, { "reference_url": "https://security.archlinux.org/AVG-62", "reference_id": "AVG-62", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-62" }, { "reference_url": "https://security.archlinux.org/AVG-63", "reference_id": "AVG-63", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-63" }, { "reference_url": "https://security.archlinux.org/AVG-65", "reference_id": "AVG-65", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-65" }, { "reference_url": "https://security.archlinux.org/AVG-66", "reference_id": "AVG-66", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-66" }, { "reference_url": "https://curl.haxx.se/CVE-2016-8615.patch", "reference_id": "CVE-2016-8615.patch", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://curl.haxx.se/CVE-2016-8615.patch" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615", "reference_id": "show_bug.cgi?id=CVE-2016-8615", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615" }, { "reference_url": "https://www.tenable.com/security/tns-2016-21", "reference_id": "tns-2016-21", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/" } ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "reference_url": "https://usn.ubuntu.com/3123-1/", "reference_id": "USN-3123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377?format=api", "purl": "pkg:generic/curl.se/curl@7.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0" } ], "aliases": [ "CVE-2016-8615" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-md9a-5z1n-j7ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/619?format=api", "vulnerability_id": "VCID-pvdy-3kvz-tud2", "summary": "TELNET option IAC injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39187", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27533" }, { "reference_url": "https://curl.se/docs/CVE-2023-27533.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2023-27533.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1891474", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://hackerone.com/reports/1891474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062", "reference_id": "2179062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/", "reference_id": "36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "reference_url": "https://security.gentoo.org/glsa/202310-12", "reference_id": "GLSA-202310-12", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230420-0011/", "reference_id": "ntap-20230420-0011", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230420-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6679", "reference_id": "RHSA-2023:6679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6679" }, { "reference_url": "https://usn.ubuntu.com/5964-1/", "reference_id": "USN-5964-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-1/" }, { "reference_url": "https://usn.ubuntu.com/5964-2/", "reference_id": "USN-5964-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5964-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/431?format=api", "purl": "pkg:generic/curl.se/curl@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-n7e7-j1fz-gbb6" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-u35q-qk4d-k3gd" }, { "vulnerability": "VCID-v1de-x2fd-9feq" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-zaur-dwzz-qkgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0" } ], "aliases": [ "CVE-2023-27533" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvdy-3kvz-tud2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/659?format=api", "vulnerability_id": "VCID-rmrr-cpq4-9yer", "summary": "trusting FTP PASV responses", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28001", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8284" }, { "reference_url": "https://curl.se/docs/CVE-2020-8284.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1040166", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://hackerone.com/reports/1040166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667", "reference_id": "1902667", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902667" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163", "reference_id": "977163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163" }, { "reference_url": "https://security.archlinux.org/AVG-1337", "reference_id": "AVG-1337", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1337" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/", "reference_id": "DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4881", "reference_id": "dsa-4881", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "reference_url": "https://security.gentoo.org/glsa/202012-14", "reference_id": "GLSA-202012-14", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "reference_url": "https://support.apple.com/kb/HT212325", "reference_id": "HT212325", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212325" }, { "reference_url": "https://support.apple.com/kb/HT212326", "reference_id": "HT212326", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212326" }, { "reference_url": "https://support.apple.com/kb/HT212327", "reference_id": "HT212327", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://support.apple.com/kb/HT212327" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0007/", "reference_id": "ntap-20210122-0007", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/", "reference_id": "NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1610", "reference_id": "RHSA-2021:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2471", "reference_id": "RHSA-2021:2471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2472", "reference_id": "RHSA-2021:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2472" }, { "reference_url": "https://usn.ubuntu.com/4665-1/", "reference_id": "USN-4665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-1/" }, { "reference_url": "https://usn.ubuntu.com/4665-2/", "reference_id": "USN-4665-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4665-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/412?format=api", "purl": "pkg:generic/curl.se/curl@7.74.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7x1f-8c6x-6uaw" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9rqa-y8fj-zfht" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d764-8d2p-cfak" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jdnx-1b7b-nye2" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yphr-tywa-jyb2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0" } ], "aliases": [ "CVE-2020-8284" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmrr-cpq4-9yer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/746?format=api", "vulnerability_id": "VCID-rvcr-16nj-r7f7", "summary": "embedded zero in cert name", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2417.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0733", "scoring_system": "epss", "scoring_elements": "0.91813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2417" }, { "reference_url": "https://curl.se/docs/CVE-2009-2417.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2009-2417.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516181", "reference_id": "516181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516181" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541991", "reference_id": "541991", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541991" }, { "reference_url": "https://security.gentoo.org/glsa/200909-20", "reference_id": "GLSA-200909-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1209", "reference_id": "RHSA-2009:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1209" }, { "reference_url": "https://usn.ubuntu.com/1158-1/", "reference_id": "USN-1158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1158-1/" }, { "reference_url": "https://usn.ubuntu.com/818-1/", "reference_id": "USN-818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/818-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/327?format=api", "purl": "pkg:generic/curl.se/curl@7.19.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-33at-jrsw-23bg" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3kbr-qnc1-2qe5" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5nu4-me98-wke7" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-7tq8-kvpk-1bd3" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tw4-88jh-qfes" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bh7z-r44d-afhu" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-cc14-xuqm-fue4" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-eqxv-c77t-p3hy" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fk4f-1fft-b3gh" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h6bv-tsyf-vqcv" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-whqe-uwbe-wfgf" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yf3m-cda8-83bw" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.19.6" } ], "aliases": [ "CVE-2009-2417" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rvcr-16nj-r7f7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/696?format=api", "vulnerability_id": "VCID-tac5-jfmv-3yeq", "summary": "printf floating point buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01009", "scoring_system": "epss", "scoring_elements": "0.77389", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9586" }, { "reference_url": "https://curl.se/docs/CVE-2016-9586.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-9586.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1037515", "reference_id": "1037515", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "http://www.securitytracker.com/id/1037515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712", "reference_id": "1406712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406712" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958", "reference_id": "848958", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958" }, { "reference_url": "http://www.securityfocus.com/bid/95019", "reference_id": "95019", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "http://www.securityfocus.com/bid/95019" }, { "reference_url": "https://curl.haxx.se/docs/adv_20161221A.html", "reference_id": "adv_20161221A.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://curl.haxx.se/docs/adv_20161221A.html" }, { "reference_url": "https://security.archlinux.org/ASA-201612-22", "reference_id": "ASA-201612-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-22" }, { "reference_url": "https://security.archlinux.org/ASA-201701-10", "reference_id": "ASA-201701-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-10" }, { "reference_url": "https://security.archlinux.org/ASA-201701-11", "reference_id": "ASA-201701-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-11" }, { "reference_url": "https://security.archlinux.org/ASA-201701-7", "reference_id": "ASA-201701-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-7" }, { "reference_url": "https://security.archlinux.org/ASA-201701-8", "reference_id": "ASA-201701-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-8" }, { "reference_url": "https://security.archlinux.org/ASA-201701-9", "reference_id": "ASA-201701-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-9" }, { "reference_url": "https://security.archlinux.org/AVG-112", "reference_id": "AVG-112", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-112" }, { "reference_url": "https://security.archlinux.org/AVG-113", "reference_id": "AVG-113", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-113" }, { "reference_url": "https://security.archlinux.org/AVG-114", "reference_id": "AVG-114", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-114" }, { "reference_url": "https://security.archlinux.org/AVG-115", "reference_id": "AVG-115", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-115" }, { "reference_url": "https://security.archlinux.org/AVG-116", "reference_id": "AVG-116", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-116" }, { "reference_url": "https://security.archlinux.org/AVG-117", "reference_id": "AVG-117", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-117" }, { "reference_url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16", "reference_id": "curl-7_51_0-162-g3ab3c16", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586", "reference_id": "show_bug.cgi?id=CVE-2016-9586", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586" }, { "reference_url": "https://usn.ubuntu.com/3441-1/", "reference_id": "USN-3441-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-1/" }, { "reference_url": "https://usn.ubuntu.com/3441-2/", "reference_id": "USN-3441-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3441-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378?format=api", "purl": "pkg:generic/curl.se/curl@7.52.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-1max-ak81-4kgw" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-78kd-h5g9-4yga" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fv79-zqt1-n7hc" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-q45p-gz7v-53aa" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-qe3j-eh1s-t3fv" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0" } ], "aliases": [ "CVE-2016-9586" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tac5-jfmv-3yeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/721?format=api", "vulnerability_id": "VCID-unke-kr69-wubn", "summary": "sensitive HTTP server headers also sent to proxies", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08372", "scoring_system": "epss", "scoring_elements": "0.92434", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3153" }, { "reference_url": "https://curl.se/docs/CVE-2015-3153.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2015-3153.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341", "reference_id": "1217341", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217341" }, { "reference_url": "https://usn.ubuntu.com/2591-1/", "reference_id": "USN-2591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/363?format=api", "purl": "pkg:generic/curl.se/curl@7.42.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5bqj-5jb4-vqdp" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-72ny-y7wn-xkfu" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-ahzg-vhxy-xydx" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b1e2-ngtx-puge" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fcav-jjqy-tqfy" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.42.1" } ], "aliases": [ "CVE-2015-3153" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-unke-kr69-wubn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/738?format=api", "vulnerability_id": "VCID-whqe-uwbe-wfgf", "summary": "URL decode buffer boundary flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03181", "scoring_system": "epss", "scoring_elements": "0.87186", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2174" }, { "reference_url": "https://curl.se/docs/CVE-2013-2174.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2013-2174.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=965640", "reference_id": "965640", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=965640" }, { "reference_url": "https://security.gentoo.org/glsa/201401-14", "reference_id": "GLSA-201401-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0983", "reference_id": "RHSA-2013:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0983" }, { "reference_url": "https://usn.ubuntu.com/1894-1/", "reference_id": "USN-1894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/350?format=api", "purl": "pkg:generic/curl.se/curl@7.31.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-33at-jrsw-23bg" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3kbr-qnc1-2qe5" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5bqj-5jb4-vqdp" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-92mp-t9s6-kqag" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-9tw4-88jh-qfes" }, { "vulnerability": "VCID-9w51-97c9-4qdm" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bh36-c1md-p3gs" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-efue-w21e-rbev" }, { "vulnerability": "VCID-eqxv-c77t-p3hy" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fk4f-1fft-b3gh" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h6bv-tsyf-vqcv" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-rsr8-dx1t-tka9" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yf3m-cda8-83bw" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" }, { "vulnerability": "VCID-zupa-pczr-jbch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.31.0" } ], "aliases": [ "CVE-2013-2174" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-whqe-uwbe-wfgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/717?format=api", "vulnerability_id": "VCID-x7j1-6ju4-v3ce", "summary": "remote filename path traversal in curl tool for Windows", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57758", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0754" }, { "reference_url": "https://curl.se/docs/CVE-2016-0754.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2016-0754.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/368?format=api", "purl": "pkg:generic/curl.se/curl@7.47.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5bqj-5jb4-vqdp" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b1e2-ngtx-puge" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-cbeq-zwed-2fg8" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fcav-jjqy-tqfy" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-w1kv-8hj7-z7a8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.47.0" } ], "aliases": [ "CVE-2016-0754" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x7j1-6ju4-v3ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/642?format=api", "vulnerability_id": "VCID-y79j-fe1u-eyc2", "summary": "Credential leak on redirect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54815", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27774" }, { "reference_url": "https://curl.se/docs/CVE-2022-27774.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27774.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1543773", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://hackerone.com/reports/1543773" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254", "reference_id": "1010254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547", "reference_id": "2077547", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077547" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/423?format=api", "purl": "pkg:generic/curl.se/curl@7.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dnn-arvb-nuek" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-q9sj-vhnr-a7ee" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-r27q-cvqa-wueu" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tfp8-2vsv-jfdk" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0" } ], "aliases": [ "CVE-2022-27774" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y79j-fe1u-eyc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/727?format=api", "vulnerability_id": "VCID-yf3m-cda8-83bw", "summary": "URL request injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.7944", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8150" }, { "reference_url": "https://curl.se/docs/CVE-2014-8150.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2014-8150.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692", "reference_id": "1178692", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692" }, { "reference_url": "https://security.gentoo.org/glsa/201701-47", "reference_id": "GLSA-201701-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1254", "reference_id": "RHSA-2015:1254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2159", "reference_id": "RHSA-2015:2159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "reference_url": "https://usn.ubuntu.com/2474-1/", "reference_id": "USN-2474-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2474-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/360?format=api", "purl": "pkg:generic/curl.se/curl@7.40.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn6-efkw-uyfc" }, { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2hcz-2g46-jkgf" }, { "vulnerability": "VCID-2r94-vq93-3kge" }, { "vulnerability": "VCID-2wp5-xvyh-cyaa" }, { "vulnerability": "VCID-2xx7-bgje-xffr" }, { "vulnerability": "VCID-333q-c9qf-vbae" }, { "vulnerability": "VCID-33qq-rab3-13hh" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-37es-qgwr-c3ep" }, { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-3er6-ss7m-xqf1" }, { "vulnerability": "VCID-3ga8-md1g-qqgb" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-4eqe-gybr-33fe" }, { "vulnerability": "VCID-4fbt-z885-efdf" }, { "vulnerability": "VCID-4k19-9t2q-tucv" }, { "vulnerability": "VCID-4mb6-tpsp-p7gt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-57nq-b14c-duew" }, { "vulnerability": "VCID-5bqj-5jb4-vqdp" }, { "vulnerability": "VCID-5czu-unnz-dqe3" }, { "vulnerability": "VCID-66uq-dcdp-zfhd" }, { "vulnerability": "VCID-6dst-1qdv-3qc7" }, { "vulnerability": "VCID-6e8s-49d3-pfdk" }, { "vulnerability": "VCID-6g2m-x1g7-zubg" }, { "vulnerability": "VCID-72ny-y7wn-xkfu" }, { "vulnerability": "VCID-7ama-66qp-f3cc" }, { "vulnerability": "VCID-7bqs-7j62-uba5" }, { "vulnerability": "VCID-7g9f-6sg4-s3es" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-82au-sdj4-1bg8" }, { "vulnerability": "VCID-8f2r-dvmz-u7bw" }, { "vulnerability": "VCID-8mbn-f7qx-dfbg" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-948z-df6d-3yb9" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-9tr9-xdae-gkhu" }, { "vulnerability": "VCID-9w51-97c9-4qdm" }, { "vulnerability": "VCID-a46m-9jv8-h3dp" }, { "vulnerability": "VCID-ahzg-vhxy-xydx" }, { "vulnerability": "VCID-ar1s-rbmm-wyex" }, { "vulnerability": "VCID-b1e2-ngtx-puge" }, { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-btbt-n6nq-9fer" }, { "vulnerability": "VCID-bwys-kp79-7kgb" }, { "vulnerability": "VCID-ck4g-j9rq-5kcq" }, { "vulnerability": "VCID-cks2-k7t6-a3gt" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-fcav-jjqy-tqfy" }, { "vulnerability": "VCID-g4bw-cj2v-c3en" }, { "vulnerability": "VCID-gnc8-1tfm-yqbd" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-h5r1-q326-cyaz" }, { "vulnerability": "VCID-h9pa-n4v6-c7c6" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-mavm-1p7b-z3gt" }, { "vulnerability": "VCID-md9a-5z1n-j7ex" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-p2fq-tujh-ykgt" }, { "vulnerability": "VCID-pce6-p38r-gkhe" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pyb7-2c5k-47c4" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-rmrr-cpq4-9yer" }, { "vulnerability": "VCID-syme-mbp9-hbbu" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t162-92tf-4uef" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tac5-jfmv-3yeq" }, { "vulnerability": "VCID-tzdv-3a3k-tyaa" }, { "vulnerability": "VCID-unke-kr69-wubn" }, { "vulnerability": "VCID-us1y-f2nx-6uhu" }, { "vulnerability": "VCID-uv3d-52va-b7hr" }, { "vulnerability": "VCID-v8t7-d4zr-3kb5" }, { "vulnerability": "VCID-vtd7-gapq-q7ea" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-x6bb-299t-mfhx" }, { "vulnerability": "VCID-x7j1-6ju4-v3ce" }, { "vulnerability": "VCID-y79j-fe1u-eyc2" }, { "vulnerability": "VCID-yq8t-vx5q-k3hp" }, { "vulnerability": "VCID-z6a6-ac8q-j7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.40.0" } ], "aliases": [ "CVE-2014-8150" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yf3m-cda8-83bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/640?format=api", "vulnerability_id": "VCID-yq8t-vx5q-k3hp", "summary": "Auth/cookie leak on redirect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.71955", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27776" }, { "reference_url": "https://curl.se/docs/CVE-2022-27776.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2022-27776.html" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1547048", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://hackerone.com/reports/1547048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252", "reference_id": "1010252", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408", "reference_id": "2078408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078408" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/", "reference_id": "7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/" }, { "reference_url": "https://security.archlinux.org/AVG-2685", "reference_id": "AVG-2685", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2685" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/", "reference_id": "DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5197", "reference_id": "dsa-5197", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "reference_url": "https://security.gentoo.org/glsa/202212-01", "reference_id": "GLSA-202212-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0008/", "reference_id": "ntap-20220609-0008", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5245", "reference_id": "RHSA-2022:5245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5313", "reference_id": "RHSA-2022:5313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5313" }, { "reference_url": "https://usn.ubuntu.com/5397-1/", "reference_id": "USN-5397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/423?format=api", "purl": "pkg:generic/curl.se/curl@7.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1eyc-44w4-67cb" }, { "vulnerability": "VCID-1g9p-du9r-hfdk" }, { "vulnerability": "VCID-2fqs-x6nt-87ea" }, { "vulnerability": "VCID-2ncy-ud8q-3bgt" }, { "vulnerability": "VCID-36hy-wvfw-5bhn" }, { "vulnerability": "VCID-39dz-7h6u-d7e6" }, { "vulnerability": "VCID-3shp-e3et-mqf3" }, { "vulnerability": "VCID-3vxw-r6zv-syhb" }, { "vulnerability": "VCID-42je-5dt6-qfcv" }, { "vulnerability": "VCID-43m2-zsez-1kdt" }, { "vulnerability": "VCID-55ts-hggh-2fan" }, { "vulnerability": "VCID-56ct-pa4k-83a9" }, { "vulnerability": "VCID-5v1w-zggj-4ub6" }, { "vulnerability": "VCID-6caw-c8nd-wfeh" }, { "vulnerability": "VCID-6dnn-arvb-nuek" }, { "vulnerability": "VCID-7r3q-d9jh-vkec" }, { "vulnerability": "VCID-84fn-4ybd-sbgs" }, { "vulnerability": "VCID-922k-xceg-nkft" }, { "vulnerability": "VCID-9c2x-g9wr-dbdb" }, { "vulnerability": "VCID-aubk-fp51-x7ed" }, { "vulnerability": "VCID-b788-g7hy-xqf9" }, { "vulnerability": "VCID-bg42-sjja-2qa6" }, { "vulnerability": "VCID-bs39-uk1w-yfcx" }, { "vulnerability": "VCID-d72k-u2f3-8ueq" }, { "vulnerability": "VCID-eqzr-trfg-3kam" }, { "vulnerability": "VCID-evh5-vmmv-5uee" }, { "vulnerability": "VCID-g95u-1q59-ckh7" }, { "vulnerability": "VCID-guru-ff8a-wqgu" }, { "vulnerability": "VCID-h1e3-v4dt-ayav" }, { "vulnerability": "VCID-hdnn-2m1x-hydf" }, { "vulnerability": "VCID-hfyp-6h1g-ykhk" }, { "vulnerability": "VCID-hjn9-ubdc-2qh9" }, { "vulnerability": "VCID-hxt8-j2wk-jqbu" }, { "vulnerability": "VCID-jrdn-k4c1-hkcs" }, { "vulnerability": "VCID-k2cc-pe53-b3bd" }, { "vulnerability": "VCID-nahe-781n-aqhf" }, { "vulnerability": "VCID-ntea-fmp4-u3a5" }, { "vulnerability": "VCID-pvdy-3kvz-tud2" }, { "vulnerability": "VCID-pw7w-s4s1-77fv" }, { "vulnerability": "VCID-q9sj-vhnr-a7ee" }, { "vulnerability": "VCID-qb3k-dzzx-cyb2" }, { "vulnerability": "VCID-qbw7-ay83-rket" }, { "vulnerability": "VCID-r27q-cvqa-wueu" }, { "vulnerability": "VCID-s1pj-yhs2-myg6" }, { "vulnerability": "VCID-sgvn-hfwe-7kad" }, { "vulnerability": "VCID-sz5z-1ktj-bkff" }, { "vulnerability": "VCID-t1rn-wxx1-2qd3" }, { "vulnerability": "VCID-tbq2-5mpk-47gx" }, { "vulnerability": "VCID-tfp8-2vsv-jfdk" }, { "vulnerability": "VCID-utu4-vqyx-rfb8" }, { "vulnerability": "VCID-wqeb-6u57-4bck" }, { "vulnerability": "VCID-y7n3-4462-wfhz" }, { "vulnerability": "VCID-yphr-tywa-jyb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0" } ], "aliases": [ "CVE-2022-27776" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yq8t-vx5q-k3hp" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.8.0" }