Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/curl@7.61.1-33.el8_9?arch=5

Type rpm

Namespace redhat

Name curl

Version 7.61.1-33.el8_9

Qualifiers

arch	5

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-gnx2-djyk-uyaf

vulnerability_id

VCID-gnx2-djyk-uyaf

summary

Cookie injection with none file
This flaw allows an attacker to insert cookies at will into a running program
using libcurl, if the specific series of conditions are met.

libcurl performs transfers. In its API, an application creates "easy handles"
that are the individual handles for single transfers.

libcurl provides a function call that duplicates en easy handle called
[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).

If a transfer has cookies enabled when the handle is duplicated, the
cookie-enable state is also cloned - but without cloning the actual
cookies. If the source handle does not read any cookies from a specific file on
disk, the cloned version of the handle would instead store the file name as
`none` (using the four ASCII letters, no quotes).

Subsequent use of the cloned handle that does not explicitly set a source to
load cookies from would then inadvertently load cookies from a file named
`none` - if such a file exists and is readable in the current directory of the
program using libcurl. And if using the correct file format of course.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-38546

reference_id

reference_type

scores

value	0.00256
scoring_system	epss
scoring_elements	0.49032
published_at	2026-04-18T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.49036
published_at	2026-04-16T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48985
published_at	2026-04-24T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48964
published_at	2026-04-02T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.49012
published_at	2026-04-11T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48995
published_at	2026-04-09T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48998
published_at	2026-04-08T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48991
published_at	2026-04-13T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48944
published_at	2026-04-07T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49733
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-38546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/2148242
reference_id
reference_type
scores
url	https://hackerone.com/reports/2148242

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2241938
reference_id	2241938
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2241938

reference_url

http://seclists.org/fulldisclosure/2024/Jan/34

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

http://seclists.org/fulldisclosure/2024/Jan/34

reference_url

http://seclists.org/fulldisclosure/2024/Jan/37

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

http://seclists.org/fulldisclosure/2024/Jan/37

reference_url

http://seclists.org/fulldisclosure/2024/Jan/38

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

http://seclists.org/fulldisclosure/2024/Jan/38

reference_url

https://security.archlinux.org/AVG-2845

reference_id

AVG-2845

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2845

reference_url

https://security.archlinux.org/AVG-2846

reference_id

AVG-2846

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2846

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-38546
reference_id	CVE-2023-38546
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-38546

reference_url

https://curl.se/docs/CVE-2023-38546.html

reference_id

CVE-2023-38546.HTML

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://curl.se/docs/CVE-2023-38546.html

reference_url	https://security.gentoo.org/glsa/202310-12
reference_id	GLSA-202310-12
reference_type
scores
url	https://security.gentoo.org/glsa/202310-12

reference_url

https://support.apple.com/kb/HT214036

reference_id

HT214036

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214036

reference_url

https://support.apple.com/kb/HT214057

reference_id

HT214057

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214057

reference_url

https://support.apple.com/kb/HT214058

reference_id

HT214058

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214058

reference_url

https://support.apple.com/kb/HT214063

reference_id

HT214063

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214063

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/

reference_id

OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/

reference_url	https://access.redhat.com/errata/RHSA-2023:5700
reference_id	RHSA-2023:5700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5700

reference_url	https://access.redhat.com/errata/RHSA-2023:5763
reference_id	RHSA-2023:5763
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5763

reference_url	https://access.redhat.com/errata/RHSA-2023:6292
reference_id	RHSA-2023:6292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6292

reference_url	https://access.redhat.com/errata/RHSA-2023:6745
reference_id	RHSA-2023:6745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6745

reference_url	https://access.redhat.com/errata/RHSA-2023:7540
reference_id	RHSA-2023:7540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7540

reference_url	https://access.redhat.com/errata/RHSA-2023:7625
reference_id	RHSA-2023:7625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7625

reference_url	https://access.redhat.com/errata/RHSA-2023:7626
reference_id	RHSA-2023:7626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7626

reference_url	https://access.redhat.com/errata/RHSA-2024:1601
reference_id	RHSA-2024:1601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1601

reference_url	https://access.redhat.com/errata/RHSA-2024:2092
reference_id	RHSA-2024:2092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2092

reference_url	https://access.redhat.com/errata/RHSA-2024:2093
reference_id	RHSA-2024:2093
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2093

reference_url	https://access.redhat.com/errata/RHSA-2024:2101
reference_id	RHSA-2024:2101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2101

reference_url	https://usn.ubuntu.com/6429-1/
reference_id	USN-6429-1
reference_type
scores
url	https://usn.ubuntu.com/6429-1/

reference_url	https://usn.ubuntu.com/6429-2/
reference_id	USN-6429-2
reference_type
scores
url	https://usn.ubuntu.com/6429-2/

reference_url	https://usn.ubuntu.com/6429-3/
reference_id	USN-6429-3
reference_type
scores
url	https://usn.ubuntu.com/6429-3/

reference_url

https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868

reference_id

viewtopic.php?f=8&t=8868

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868

fixed_packages

aliases

CVE-2023-38546

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-gnx2-djyk-uyaf

url

VCID-qdcn-2u3v-b3cv

vulnerability_id

VCID-qdcn-2u3v-b3cv

summary

Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-46218

reference_id

reference_type

scores

value	0.00398
scoring_system	epss
scoring_elements	0.6061
published_at	2026-04-24T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60627
published_at	2026-04-11T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60612
published_at	2026-04-12T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60591
published_at	2026-04-13T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60632
published_at	2026-04-16T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60637
published_at	2026-04-18T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60625
published_at	2026-04-21T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62641
published_at	2026-04-04T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62656
published_at	2026-04-08T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62672
published_at	2026-04-09T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62608
published_at	2026-04-02T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62606
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-46218

reference_url

https://curl.se/docs/CVE-2023-46218.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-46218.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/2212193
reference_id
reference_type
scores
url	https://hackerone.com/reports/2212193

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646
reference_id	1057646
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2252030
reference_id	2252030
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2252030

reference_url	https://security.gentoo.org/glsa/202409-20
reference_id	GLSA-202409-20
reference_type
scores
url	https://security.gentoo.org/glsa/202409-20

reference_url	https://access.redhat.com/errata/RHSA-2024:0428
reference_id	RHSA-2024:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0428

reference_url	https://access.redhat.com/errata/RHSA-2024:0434
reference_id	RHSA-2024:0434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0434

reference_url	https://access.redhat.com/errata/RHSA-2024:0452
reference_id	RHSA-2024:0452
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0452

reference_url	https://access.redhat.com/errata/RHSA-2024:0585
reference_id	RHSA-2024:0585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0585

reference_url	https://access.redhat.com/errata/RHSA-2024:1129
reference_id	RHSA-2024:1129
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1129

reference_url	https://access.redhat.com/errata/RHSA-2024:1316
reference_id	RHSA-2024:1316
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1316

reference_url	https://access.redhat.com/errata/RHSA-2024:1317
reference_id	RHSA-2024:1317
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1317

reference_url	https://access.redhat.com/errata/RHSA-2024:1383
reference_id	RHSA-2024:1383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1383

reference_url	https://access.redhat.com/errata/RHSA-2024:1601
reference_id	RHSA-2024:1601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1601

reference_url	https://access.redhat.com/errata/RHSA-2024:2092
reference_id	RHSA-2024:2092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2092

reference_url	https://access.redhat.com/errata/RHSA-2024:2093
reference_id	RHSA-2024:2093
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2093

reference_url	https://access.redhat.com/errata/RHSA-2024:2094
reference_id	RHSA-2024:2094
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2094

reference_url	https://usn.ubuntu.com/6535-1/
reference_id	USN-6535-1
reference_type
scores
url	https://usn.ubuntu.com/6535-1/

reference_url	https://usn.ubuntu.com/6641-1/
reference_id	USN-6641-1
reference_type
scores
url	https://usn.ubuntu.com/6641-1/

fixed_packages

aliases

CVE-2023-46218

risk_score

2.4

exploitability

0.5

weighted_severity

4.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcn-2u3v-b3cv

url

VCID-s73y-y7v7-43cm

vulnerability_id

VCID-s73y-y7v7-43cm

summary

Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28322

reference_id

reference_type

scores

value	0.00581
scoring_system	epss
scoring_elements	0.68981
published_at	2026-04-24T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.6893
published_at	2026-04-21T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70238
published_at	2026-04-02T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70294
published_at	2026-04-09T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70278
published_at	2026-04-08T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70232
published_at	2026-04-07T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70255
published_at	2026-04-04T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70341
published_at	2026-04-18T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70331
published_at	2026-04-16T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70289
published_at	2026-04-13T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70302
published_at	2026-04-12T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70317
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28322

reference_url

https://curl.se/docs/CVE-2023-28322.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-28322.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1954658

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://hackerone.com/reports/1954658

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239
reference_id	1036239
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2196793
reference_id	2196793
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2196793

reference_url

http://seclists.org/fulldisclosure/2023/Jul/47

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

http://seclists.org/fulldisclosure/2023/Jul/47

reference_url

http://seclists.org/fulldisclosure/2023/Jul/48

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

http://seclists.org/fulldisclosure/2023/Jul/48

reference_url

http://seclists.org/fulldisclosure/2023/Jul/52

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

http://seclists.org/fulldisclosure/2023/Jul/52

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/

reference_id

F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/

reference_url

https://security.gentoo.org/glsa/202310-12

reference_id

GLSA-202310-12

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://security.gentoo.org/glsa/202310-12

reference_url

https://support.apple.com/kb/HT213843

reference_id

HT213843

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://support.apple.com/kb/HT213843

reference_url

https://support.apple.com/kb/HT213844

reference_id

HT213844

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://support.apple.com/kb/HT213844

reference_url

https://support.apple.com/kb/HT213845

reference_id

HT213845

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://support.apple.com/kb/HT213845

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html

reference_url

https://security.netapp.com/advisory/ntap-20230609-0009/

reference_id

ntap-20230609-0009

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://security.netapp.com/advisory/ntap-20230609-0009/

reference_url	https://access.redhat.com/errata/RHSA-2023:4354
reference_id	RHSA-2023:4354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4354

reference_url	https://access.redhat.com/errata/RHSA-2023:4628
reference_id	RHSA-2023:4628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4628

reference_url	https://access.redhat.com/errata/RHSA-2023:4629
reference_id	RHSA-2023:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4629

reference_url	https://access.redhat.com/errata/RHSA-2023:5598
reference_id	RHSA-2023:5598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5598

reference_url	https://access.redhat.com/errata/RHSA-2024:0428
reference_id	RHSA-2024:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0428

reference_url	https://access.redhat.com/errata/RHSA-2024:0585
reference_id	RHSA-2024:0585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0585

reference_url	https://access.redhat.com/errata/RHSA-2024:1601
reference_id	RHSA-2024:1601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1601

reference_url	https://access.redhat.com/errata/RHSA-2024:2092
reference_id	RHSA-2024:2092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2092

reference_url	https://access.redhat.com/errata/RHSA-2024:2093
reference_id	RHSA-2024:2093
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2093

reference_url	https://usn.ubuntu.com/6237-1/
reference_id	USN-6237-1
reference_type
scores
url	https://usn.ubuntu.com/6237-1/

reference_url	https://usn.ubuntu.com/6237-3/
reference_id	USN-6237-3
reference_type
scores
url	https://usn.ubuntu.com/6237-3/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/

reference_id

Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/

fixed_packages

aliases

CVE-2023-28322

risk_score

2.4

exploitability

0.5

weighted_severity

4.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-s73y-y7v7-43cm

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/curl@7.61.1-33.el8_9%3Farch=5

Package Instance