Search for packages
| purl | pkg:rpm/redhat/curl@7.61.1-30.el8_8?arch=3 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 2.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-47qb-2qkw-1qej
Aliases: CVE-2023-28321 |
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. | There are no reported fixed by versions. |
|
VCID-ms2r-94ph-yyh3
Aliases: CVE-2023-27536 |
Improper Authentication An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:54:42.352405+00:00 | RedHat Importer | Affected by | VCID-ms2r-94ph-yyh3 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json | 38.0.0 |
| 2026-04-01T13:53:54.001811+00:00 | RedHat Importer | Affected by | VCID-47qb-2qkw-1qej | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json | 38.0.0 |