Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/curl@8.7.1-r0?arch=x86&distroversion=edge&reponame=main
Typeapk
Namespacealpine
Namecurl
Version8.7.1-r0
Qualifiers
arch x86
distroversion edge
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version8.9.0-r0
Latest_non_vulnerable_version8.20.0-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-ffmg-djmk-57hn
vulnerability_id VCID-ffmg-djmk-57hn
summary When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2004
reference_id
reference_type
scores
0
value 0.0091
scoring_system epss
scoring_elements 0.76224
published_at 2026-06-06T12:55:00Z
1
value 0.0091
scoring_system epss
scoring_elements 0.76222
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2004
2
reference_url https://curl.se/docs/CVE-2024-2004.html
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Low
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://curl.se/docs/CVE-2024-2004.html
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://hackerone.com/reports/2384833
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://hackerone.com/reports/2384833
5
reference_url http://www.openwall.com/lists/oss-security/2024/03/27/1
reference_id 1
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url http://www.openwall.com/lists/oss-security/2024/03/27/1
6
reference_url http://seclists.org/fulldisclosure/2024/Jul/18
reference_id 18
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url http://seclists.org/fulldisclosure/2024/Jul/18
7
reference_url http://seclists.org/fulldisclosure/2024/Jul/19
reference_id 19
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url http://seclists.org/fulldisclosure/2024/Jul/19
8
reference_url http://seclists.org/fulldisclosure/2024/Jul/20
reference_id 20
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url http://seclists.org/fulldisclosure/2024/Jul/20
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270500
reference_id 2270500
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2270500
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/
reference_id 2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/
11
reference_url https://curl.se/docs/CVE-2024-2004.json
reference_id CVE-2024-2004.json
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://curl.se/docs/CVE-2024-2004.json
12
reference_url https://security.gentoo.org/glsa/202409-20
reference_id GLSA-202409-20
reference_type
scores
url https://security.gentoo.org/glsa/202409-20
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/
reference_id GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/
14
reference_url https://support.apple.com/kb/HT214118
reference_id HT214118
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://support.apple.com/kb/HT214118
15
reference_url https://support.apple.com/kb/HT214119
reference_id HT214119
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://support.apple.com/kb/HT214119
16
reference_url https://support.apple.com/kb/HT214120
reference_id HT214120
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://support.apple.com/kb/HT214120
17
reference_url https://security.netapp.com/advisory/ntap-20240524-0006/
reference_id ntap-20240524-0006
reference_type
scores
0
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/
url https://security.netapp.com/advisory/ntap-20240524-0006/
18
reference_url https://access.redhat.com/errata/RHSA-2024:2693
reference_id RHSA-2024:2693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2693
19
reference_url https://access.redhat.com/errata/RHSA-2024:2694
reference_id RHSA-2024:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2694
20
reference_url https://usn.ubuntu.com/6718-1/
reference_id USN-6718-1
reference_type
scores
url https://usn.ubuntu.com/6718-1/
21
reference_url https://usn.ubuntu.com/6718-3/
reference_id USN-6718-3
reference_type
scores
url https://usn.ubuntu.com/6718-3/
fixed_packages
0
url pkg:apk/alpine/curl@8.7.1-r0?arch=x86&distroversion=edge&reponame=main
purl pkg:apk/alpine/curl@8.7.1-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.7.1-r0%3Farch=x86&distroversion=edge&reponame=main
aliases CVE-2024-2004
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ffmg-djmk-57hn
1
url VCID-jnq1-hk6d-b3a3
vulnerability_id VCID-jnq1-hk6d-b3a3
summary When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2398
reference_id
reference_type
scores
0
value 0.02015
scoring_system epss
scoring_elements 0.84078
published_at 2026-06-06T12:55:00Z
1
value 0.02015
scoring_system epss
scoring_elements 0.84075
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2398
2
reference_url https://curl.se/docs/CVE-2024-2398.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Medium
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://curl.se/docs/CVE-2024-2398.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://hackerone.com/reports/2402845
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://hackerone.com/reports/2402845
6
reference_url http://seclists.org/fulldisclosure/2024/Jul/18
reference_id 18
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url http://seclists.org/fulldisclosure/2024/Jul/18
7
reference_url http://seclists.org/fulldisclosure/2024/Jul/19
reference_id 19
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url http://seclists.org/fulldisclosure/2024/Jul/19
8
reference_url http://seclists.org/fulldisclosure/2024/Jul/20
reference_id 20
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url http://seclists.org/fulldisclosure/2024/Jul/20
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270498
reference_id 2270498
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2270498
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/
reference_id 2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/
11
reference_url http://www.openwall.com/lists/oss-security/2024/03/27/3
reference_id 3
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url http://www.openwall.com/lists/oss-security/2024/03/27/3
12
reference_url https://curl.se/docs/CVE-2024-2398.json
reference_id CVE-2024-2398.json
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://curl.se/docs/CVE-2024-2398.json
13
reference_url https://security.gentoo.org/glsa/202409-20
reference_id GLSA-202409-20
reference_type
scores
url https://security.gentoo.org/glsa/202409-20
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/
reference_id GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/
15
reference_url https://support.apple.com/kb/HT214118
reference_id HT214118
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://support.apple.com/kb/HT214118
16
reference_url https://support.apple.com/kb/HT214119
reference_id HT214119
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://support.apple.com/kb/HT214119
17
reference_url https://support.apple.com/kb/HT214120
reference_id HT214120
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://support.apple.com/kb/HT214120
18
reference_url https://security.netapp.com/advisory/ntap-20240503-0009/
reference_id ntap-20240503-0009
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/
url https://security.netapp.com/advisory/ntap-20240503-0009/
19
reference_url https://access.redhat.com/errata/RHSA-2024:10135
reference_id RHSA-2024:10135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10135
20
reference_url https://access.redhat.com/errata/RHSA-2024:11109
reference_id RHSA-2024:11109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11109
21
reference_url https://access.redhat.com/errata/RHSA-2024:2693
reference_id RHSA-2024:2693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2693
22
reference_url https://access.redhat.com/errata/RHSA-2024:2694
reference_id RHSA-2024:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2694
23
reference_url https://access.redhat.com/errata/RHSA-2024:3998
reference_id RHSA-2024:3998
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3998
24
reference_url https://access.redhat.com/errata/RHSA-2024:5529
reference_id RHSA-2024:5529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5529
25
reference_url https://access.redhat.com/errata/RHSA-2024:5654
reference_id RHSA-2024:5654
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5654
26
reference_url https://access.redhat.com/errata/RHSA-2024:7213
reference_id RHSA-2024:7213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7213
27
reference_url https://access.redhat.com/errata/RHSA-2024:7374
reference_id RHSA-2024:7374
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7374
28
reference_url https://usn.ubuntu.com/6718-1/
reference_id USN-6718-1
reference_type
scores
url https://usn.ubuntu.com/6718-1/
29
reference_url https://usn.ubuntu.com/6718-2/
reference_id USN-6718-2
reference_type
scores
url https://usn.ubuntu.com/6718-2/
30
reference_url https://usn.ubuntu.com/6718-3/
reference_id USN-6718-3
reference_type
scores
url https://usn.ubuntu.com/6718-3/
fixed_packages
0
url pkg:apk/alpine/curl@8.7.1-r0?arch=x86&distroversion=edge&reponame=main
purl pkg:apk/alpine/curl@8.7.1-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.7.1-r0%3Farch=x86&distroversion=edge&reponame=main
aliases CVE-2024-2398
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jnq1-hk6d-b3a3
2
url VCID-ke97-b9rb-5bfd
vulnerability_id VCID-ke97-b9rb-5bfd
summary libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2466.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2466.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2466
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35245
published_at 2026-06-06T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35229
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2466
2
reference_url https://curl.se/docs/CVE-2024-2466.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Medium
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url https://curl.se/docs/CVE-2024-2466.html
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://hackerone.com/reports/2416725
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url https://hackerone.com/reports/2416725
5
reference_url http://seclists.org/fulldisclosure/2024/Jul/18
reference_id 18
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url http://seclists.org/fulldisclosure/2024/Jul/18
6
reference_url http://seclists.org/fulldisclosure/2024/Jul/19
reference_id 19
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url http://seclists.org/fulldisclosure/2024/Jul/19
7
reference_url http://seclists.org/fulldisclosure/2024/Jul/20
reference_id 20
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url http://seclists.org/fulldisclosure/2024/Jul/20
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270497
reference_id 2270497
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2270497
9
reference_url http://www.openwall.com/lists/oss-security/2024/03/27/4
reference_id 4
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url http://www.openwall.com/lists/oss-security/2024/03/27/4
10
reference_url https://curl.se/docs/CVE-2024-2466.json
reference_id CVE-2024-2466.json
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url https://curl.se/docs/CVE-2024-2466.json
11
reference_url https://security.gentoo.org/glsa/202409-20
reference_id GLSA-202409-20
reference_type
scores
url https://security.gentoo.org/glsa/202409-20
12
reference_url https://support.apple.com/kb/HT214118
reference_id HT214118
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url https://support.apple.com/kb/HT214118
13
reference_url https://support.apple.com/kb/HT214119
reference_id HT214119
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url https://support.apple.com/kb/HT214119
14
reference_url https://support.apple.com/kb/HT214120
reference_id HT214120
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url https://support.apple.com/kb/HT214120
15
reference_url https://security.netapp.com/advisory/ntap-20240503-0010/
reference_id ntap-20240503-0010
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T18:43:18Z/
url https://security.netapp.com/advisory/ntap-20240503-0010/
16
reference_url https://access.redhat.com/errata/RHSA-2024:2693
reference_id RHSA-2024:2693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2693
17
reference_url https://access.redhat.com/errata/RHSA-2024:2694
reference_id RHSA-2024:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2694
fixed_packages
0
url pkg:apk/alpine/curl@8.7.1-r0?arch=x86&distroversion=edge&reponame=main
purl pkg:apk/alpine/curl@8.7.1-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.7.1-r0%3Farch=x86&distroversion=edge&reponame=main
aliases CVE-2024-2466
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ke97-b9rb-5bfd
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.7.1-r0%3Farch=x86&distroversion=edge&reponame=main