Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/curl@7.61.1-22.el8_6?arch=12
Typerpm
Namespaceredhat
Namecurl
Version7.61.1-22.el8_6
Qualifiers
arch 12
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2xmp-jc8v-bucb
vulnerability_id VCID-2xmp-jc8v-bucb
summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35252
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43804
published_at 2026-04-04T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43787
published_at 2026-04-08T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43779
published_at 2026-04-02T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43736
published_at 2026-04-07T12:55:00Z
4
value 0.00289
scoring_system epss
scoring_elements 0.52356
published_at 2026-04-16T12:55:00Z
5
value 0.00289
scoring_system epss
scoring_elements 0.52298
published_at 2026-04-09T12:55:00Z
6
value 0.00289
scoring_system epss
scoring_elements 0.52348
published_at 2026-04-11T12:55:00Z
7
value 0.00289
scoring_system epss
scoring_elements 0.52332
published_at 2026-04-12T12:55:00Z
8
value 0.00289
scoring_system epss
scoring_elements 0.52318
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35252
2
reference_url https://curl.se/docs/CVE-2022-35252.html
reference_id
reference_type
scores
0
value Low
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2022-35252.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/1613943
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://hackerone.com/reports/1613943
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831
reference_id 1018831
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831
7
reference_url http://seclists.org/fulldisclosure/2023/Jan/20
reference_id 20
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url http://seclists.org/fulldisclosure/2023/Jan/20
8
reference_url http://seclists.org/fulldisclosure/2023/Jan/21
reference_id 21
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url http://seclists.org/fulldisclosure/2023/Jan/21
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2120718
reference_id 2120718
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2120718
10
reference_url https://security.gentoo.org/glsa/202212-01
reference_id GLSA-202212-01
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://security.gentoo.org/glsa/202212-01
11
reference_url https://support.apple.com/kb/HT213603
reference_id HT213603
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://support.apple.com/kb/HT213603
12
reference_url https://support.apple.com/kb/HT213604
reference_id HT213604
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://support.apple.com/kb/HT213604
13
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
reference_id msg00028.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
14
reference_url https://security.netapp.com/advisory/ntap-20220930-0005/
reference_id ntap-20220930-0005
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/
url https://security.netapp.com/advisory/ntap-20220930-0005/
15
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
16
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
17
reference_url https://access.redhat.com/errata/RHSA-2023:2478
reference_id RHSA-2023:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2478
18
reference_url https://access.redhat.com/errata/RHSA-2023:2963
reference_id RHSA-2023:2963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2963
19
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
20
reference_url https://usn.ubuntu.com/5587-1/
reference_id USN-5587-1
reference_type
scores
url https://usn.ubuntu.com/5587-1/
fixed_packages
aliases CVE-2022-35252
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xmp-jc8v-bucb
1
url VCID-9ggp-5wfj-ufcq
vulnerability_id VCID-9ggp-5wfj-ufcq
summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43552
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42409
published_at 2026-04-13T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42428
published_at 2026-04-02T12:55:00Z
2
value 0.00203
scoring_system epss
scoring_elements 0.42458
published_at 2026-04-16T12:55:00Z
3
value 0.00203
scoring_system epss
scoring_elements 0.42397
published_at 2026-04-07T12:55:00Z
4
value 0.00203
scoring_system epss
scoring_elements 0.42447
published_at 2026-04-08T12:55:00Z
5
value 0.00203
scoring_system epss
scoring_elements 0.42455
published_at 2026-04-09T12:55:00Z
6
value 0.00203
scoring_system epss
scoring_elements 0.42477
published_at 2026-04-11T12:55:00Z
7
value 0.00203
scoring_system epss
scoring_elements 0.4244
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43552
2
reference_url https://curl.se/docs/CVE-2022-43552.html
reference_id
reference_type
scores
0
value Low
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2022-43552.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://hackerone.com/reports/1764858
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/
url https://hackerone.com/reports/1764858
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830
reference_id 1026830
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830
8
reference_url http://seclists.org/fulldisclosure/2023/Mar/17
reference_id 17
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/
url http://seclists.org/fulldisclosure/2023/Mar/17
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2152652
reference_id 2152652
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2152652
10
reference_url https://security.gentoo.org/glsa/202310-12
reference_id GLSA-202310-12
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/
url https://security.gentoo.org/glsa/202310-12
11
reference_url https://support.apple.com/kb/HT213670
reference_id HT213670
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/
url https://support.apple.com/kb/HT213670
12
reference_url https://security.netapp.com/advisory/ntap-20230214-0002/
reference_id ntap-20230214-0002
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/
url https://security.netapp.com/advisory/ntap-20230214-0002/
13
reference_url https://access.redhat.com/errata/RHSA-2023:2478
reference_id RHSA-2023:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2478
14
reference_url https://access.redhat.com/errata/RHSA-2023:2963
reference_id RHSA-2023:2963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2963
15
reference_url https://access.redhat.com/errata/RHSA-2023:3354
reference_id RHSA-2023:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3354
16
reference_url https://access.redhat.com/errata/RHSA-2023:3355
reference_id RHSA-2023:3355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3355
17
reference_url https://access.redhat.com/errata/RHSA-2023:7743
reference_id RHSA-2023:7743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7743
18
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
19
reference_url https://usn.ubuntu.com/5788-1/
reference_id USN-5788-1
reference_type
scores
url https://usn.ubuntu.com/5788-1/
20
reference_url https://usn.ubuntu.com/5894-1/
reference_id USN-5894-1
reference_type
scores
url https://usn.ubuntu.com/5894-1/
fixed_packages
aliases CVE-2022-43552
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ggp-5wfj-ufcq
2
url VCID-cbah-e86c-w3fj
vulnerability_id VCID-cbah-e86c-w3fj
summary 
Improper Authentication
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-27535
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20226
published_at 2026-04-16T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20386
published_at 2026-04-02T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20446
published_at 2026-04-04T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.2017
published_at 2026-04-07T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20251
published_at 2026-04-08T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20311
published_at 2026-04-09T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20341
published_at 2026-04-11T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20295
published_at 2026-04-12T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20236
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-27535
2
reference_url https://curl.se/docs/CVE-2023-27535.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2023-27535.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/1892780
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/
url https://hackerone.com/reports/1892780
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179073
reference_id 2179073
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179073
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
reference_id 36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-27535
reference_id CVE-2023-27535
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-27535
10
reference_url https://security.gentoo.org/glsa/202310-12
reference_id GLSA-202310-12
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/
url https://security.gentoo.org/glsa/202310-12
11
reference_url https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/
url https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
12
reference_url https://security.netapp.com/advisory/ntap-20230420-0010/
reference_id ntap-20230420-0010
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/
url https://security.netapp.com/advisory/ntap-20230420-0010/
13
reference_url https://access.redhat.com/errata/RHSA-2023:2650
reference_id RHSA-2023:2650
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2650
14
reference_url https://access.redhat.com/errata/RHSA-2023:3106
reference_id RHSA-2023:3106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3106
15
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
16
reference_url https://usn.ubuntu.com/5964-1/
reference_id USN-5964-1
reference_type
scores
url https://usn.ubuntu.com/5964-1/
17
reference_url https://usn.ubuntu.com/5964-2/
reference_id USN-5964-2
reference_type
scores
url https://usn.ubuntu.com/5964-2/
fixed_packages
aliases CVE-2023-27535
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbah-e86c-w3fj
3
url VCID-ms2r-94ph-yyh3
vulnerability_id VCID-ms2r-94ph-yyh3
summary 
Improper Authentication
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-27536
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01282
published_at 2026-04-16T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01285
published_at 2026-04-02T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.0129
published_at 2026-04-04T12:55:00Z
3
value 0.00011
scoring_system epss
scoring_elements 0.01301
published_at 2026-04-07T12:55:00Z
4
value 0.00011
scoring_system epss
scoring_elements 0.01306
published_at 2026-04-08T12:55:00Z
5
value 0.00011
scoring_system epss
scoring_elements 0.0131
published_at 2026-04-09T12:55:00Z
6
value 0.00011
scoring_system epss
scoring_elements 0.01294
published_at 2026-04-11T12:55:00Z
7
value 0.00011
scoring_system epss
scoring_elements 0.01288
published_at 2026-04-12T12:55:00Z
8
value 0.00011
scoring_system epss
scoring_elements 0.01291
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-27536
2
reference_url https://curl.se/docs/CVE-2023-27536.html
reference_id
reference_type
scores
0
value Low
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2023-27536.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/1895135
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/
url https://hackerone.com/reports/1895135
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179092
reference_id 2179092
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179092
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
reference_id 36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-27536
reference_id CVE-2023-27536
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-27536
10
reference_url https://security.gentoo.org/glsa/202310-12
reference_id GLSA-202310-12
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/
url https://security.gentoo.org/glsa/202310-12
11
reference_url https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/
url https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
12
reference_url https://security.netapp.com/advisory/ntap-20230420-0010/
reference_id ntap-20230420-0010
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/
url https://security.netapp.com/advisory/ntap-20230420-0010/
13
reference_url https://access.redhat.com/errata/RHSA-2023:4523
reference_id RHSA-2023:4523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4523
14
reference_url https://access.redhat.com/errata/RHSA-2023:6679
reference_id RHSA-2023:6679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6679
15
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
16
reference_url https://usn.ubuntu.com/5964-1/
reference_id USN-5964-1
reference_type
scores
url https://usn.ubuntu.com/5964-1/
17
reference_url https://usn.ubuntu.com/5964-2/
reference_id USN-5964-2
reference_type
scores
url https://usn.ubuntu.com/5964-2/
fixed_packages
aliases CVE-2023-27536
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms2r-94ph-yyh3
4
url VCID-qdcn-2u3v-b3cv
vulnerability_id VCID-qdcn-2u3v-b3cv
summary Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46218
reference_id
reference_type
scores
0
value 0.00398
scoring_system epss
scoring_elements 0.60632
published_at 2026-04-16T12:55:00Z
1
value 0.00398
scoring_system epss
scoring_elements 0.60627
published_at 2026-04-11T12:55:00Z
2
value 0.00398
scoring_system epss
scoring_elements 0.60612
published_at 2026-04-12T12:55:00Z
3
value 0.00398
scoring_system epss
scoring_elements 0.60591
published_at 2026-04-13T12:55:00Z
4
value 0.00432
scoring_system epss
scoring_elements 0.62608
published_at 2026-04-02T12:55:00Z
5
value 0.00432
scoring_system epss
scoring_elements 0.62656
published_at 2026-04-08T12:55:00Z
6
value 0.00432
scoring_system epss
scoring_elements 0.62672
published_at 2026-04-09T12:55:00Z
7
value 0.00432
scoring_system epss
scoring_elements 0.62606
published_at 2026-04-07T12:55:00Z
8
value 0.00432
scoring_system epss
scoring_elements 0.62641
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46218
2
reference_url https://curl.se/docs/CVE-2023-46218.html
reference_id
reference_type
scores
0
value Medium
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2023-46218.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/2212193
reference_id
reference_type
scores
url https://hackerone.com/reports/2212193
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646
reference_id 1057646
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2252030
reference_id 2252030
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2252030
8
reference_url https://security.gentoo.org/glsa/202409-20
reference_id GLSA-202409-20
reference_type
scores
url https://security.gentoo.org/glsa/202409-20
9
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
10
reference_url https://access.redhat.com/errata/RHSA-2024:0434
reference_id RHSA-2024:0434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0434
11
reference_url https://access.redhat.com/errata/RHSA-2024:0452
reference_id RHSA-2024:0452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0452
12
reference_url https://access.redhat.com/errata/RHSA-2024:0585
reference_id RHSA-2024:0585
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0585
13
reference_url https://access.redhat.com/errata/RHSA-2024:1129
reference_id RHSA-2024:1129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1129
14
reference_url https://access.redhat.com/errata/RHSA-2024:1316
reference_id RHSA-2024:1316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1316
15
reference_url https://access.redhat.com/errata/RHSA-2024:1317
reference_id RHSA-2024:1317
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1317
16
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
17
reference_url https://access.redhat.com/errata/RHSA-2024:1601
reference_id RHSA-2024:1601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1601
18
reference_url https://access.redhat.com/errata/RHSA-2024:2092
reference_id RHSA-2024:2092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2092
19
reference_url https://access.redhat.com/errata/RHSA-2024:2093
reference_id RHSA-2024:2093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2093
20
reference_url https://access.redhat.com/errata/RHSA-2024:2094
reference_id RHSA-2024:2094
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2094
21
reference_url https://usn.ubuntu.com/6535-1/
reference_id USN-6535-1
reference_type
scores
url https://usn.ubuntu.com/6535-1/
22
reference_url https://usn.ubuntu.com/6641-1/
reference_id USN-6641-1
reference_type
scores
url https://usn.ubuntu.com/6641-1/
fixed_packages
aliases CVE-2023-46218
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcn-2u3v-b3cv
5
url VCID-s73y-y7v7-43cm
vulnerability_id VCID-s73y-y7v7-43cm
summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28322
reference_id
reference_type
scores
0
value 0.00631
scoring_system epss
scoring_elements 0.70331
published_at 2026-04-16T12:55:00Z
1
value 0.00631
scoring_system epss
scoring_elements 0.70238
published_at 2026-04-02T12:55:00Z
2
value 0.00631
scoring_system epss
scoring_elements 0.70255
published_at 2026-04-04T12:55:00Z
3
value 0.00631
scoring_system epss
scoring_elements 0.70232
published_at 2026-04-07T12:55:00Z
4
value 0.00631
scoring_system epss
scoring_elements 0.70278
published_at 2026-04-08T12:55:00Z
5
value 0.00631
scoring_system epss
scoring_elements 0.70294
published_at 2026-04-09T12:55:00Z
6
value 0.00631
scoring_system epss
scoring_elements 0.70317
published_at 2026-04-11T12:55:00Z
7
value 0.00631
scoring_system epss
scoring_elements 0.70302
published_at 2026-04-12T12:55:00Z
8
value 0.00631
scoring_system epss
scoring_elements 0.70289
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28322
2
reference_url https://curl.se/docs/CVE-2023-28322.html
reference_id
reference_type
scores
0
value Low
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2023-28322.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/1954658
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://hackerone.com/reports/1954658
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239
reference_id 1036239
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2196793
reference_id 2196793
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2196793
8
reference_url http://seclists.org/fulldisclosure/2023/Jul/47
reference_id 47
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url http://seclists.org/fulldisclosure/2023/Jul/47
9
reference_url http://seclists.org/fulldisclosure/2023/Jul/48
reference_id 48
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url http://seclists.org/fulldisclosure/2023/Jul/48
10
reference_url http://seclists.org/fulldisclosure/2023/Jul/52
reference_id 52
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url http://seclists.org/fulldisclosure/2023/Jul/52
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/
reference_id F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/
12
reference_url https://security.gentoo.org/glsa/202310-12
reference_id GLSA-202310-12
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://security.gentoo.org/glsa/202310-12
13
reference_url https://support.apple.com/kb/HT213843
reference_id HT213843
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://support.apple.com/kb/HT213843
14
reference_url https://support.apple.com/kb/HT213844
reference_id HT213844
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://support.apple.com/kb/HT213844
15
reference_url https://support.apple.com/kb/HT213845
reference_id HT213845
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://support.apple.com/kb/HT213845
16
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
reference_id msg00015.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
17
reference_url https://security.netapp.com/advisory/ntap-20230609-0009/
reference_id ntap-20230609-0009
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://security.netapp.com/advisory/ntap-20230609-0009/
18
reference_url https://access.redhat.com/errata/RHSA-2023:4354
reference_id RHSA-2023:4354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4354
19
reference_url https://access.redhat.com/errata/RHSA-2023:4628
reference_id RHSA-2023:4628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4628
20
reference_url https://access.redhat.com/errata/RHSA-2023:4629
reference_id RHSA-2023:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4629
21
reference_url https://access.redhat.com/errata/RHSA-2023:5598
reference_id RHSA-2023:5598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5598
22
reference_url https://access.redhat.com/errata/RHSA-2024:0428
reference_id RHSA-2024:0428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0428
23
reference_url https://access.redhat.com/errata/RHSA-2024:0585
reference_id RHSA-2024:0585
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0585
24
reference_url https://access.redhat.com/errata/RHSA-2024:1601
reference_id RHSA-2024:1601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1601
25
reference_url https://access.redhat.com/errata/RHSA-2024:2092
reference_id RHSA-2024:2092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2092
26
reference_url https://access.redhat.com/errata/RHSA-2024:2093
reference_id RHSA-2024:2093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2093
27
reference_url https://usn.ubuntu.com/6237-1/
reference_id USN-6237-1
reference_type
scores
url https://usn.ubuntu.com/6237-1/
28
reference_url https://usn.ubuntu.com/6237-3/
reference_id USN-6237-3
reference_type
scores
url https://usn.ubuntu.com/6237-3/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/
reference_id Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/
fixed_packages
aliases CVE-2023-28322
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s73y-y7v7-43cm
Fixing_vulnerabilities
Risk_score2.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/curl@7.61.1-22.el8_6%3Farch=12