Package Instance

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

http://seclists.org/fulldisclosure/2023/Jan/21

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

http://seclists.org/fulldisclosure/2023/Jan/21

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2120718
reference_id	2120718
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2120718

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

https://support.apple.com/kb/HT213603

reference_url

reference_id

HT213603

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

https://support.apple.com/kb/HT213603

reference_url

reference_id

HT213604

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

reference_url

reference_id

msg00028.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

reference_url

https://security.netapp.com/advisory/ntap-20220930-0005/

reference_id

ntap-20220930-0005

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/

url

https://security.netapp.com/advisory/ntap-20220930-0005/

reference_url	https://access.redhat.com/errata/RHSA-2022:8840
reference_id	RHSA-2022:8840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8840

reference_url	https://access.redhat.com/errata/RHSA-2022:8841
reference_id	RHSA-2022:8841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8841

reference_url	https://access.redhat.com/errata/RHSA-2023:2478
reference_id	RHSA-2023:2478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2478

reference_url	https://access.redhat.com/errata/RHSA-2023:2963
reference_id	RHSA-2023:2963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2963

reference_url	https://access.redhat.com/errata/RHSA-2024:0428
reference_id	RHSA-2024:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0428

reference_url	https://usn.ubuntu.com/5587-1/
reference_id	USN-5587-1
reference_type
scores
url	https://usn.ubuntu.com/5587-1/

fixed_packages

url pkg:generic/curl.se/curl@7.85.0

purl pkg:generic/curl.se/curl@7.85.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-rg54-svzj-x7f9

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0

aliases CVE-2022-35252

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xmp-jc8v-bucb

url VCID-3sy2-4f3g-zkac

vulnerability_id VCID-3sy2-4f3g-zkac

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27774

reference_id

reference_type

scores

value	0.00306
scoring_system	epss
scoring_elements	0.53851
published_at	2026-04-16T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53847
published_at	2026-04-11T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.5383
published_at	2026-04-12T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53814
published_at	2026-04-13T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53749
published_at	2026-04-02T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53775
published_at	2026-04-04T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53748
published_at	2026-04-07T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53801
published_at	2026-04-08T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53799
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27774

reference_url

https://curl.se/docs/CVE-2022-27774.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-27774.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1543773
reference_id
reference_type
scores
url	https://hackerone.com/reports/1543773

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254
reference_id	1010254
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2077547
reference_id	2077547
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2077547

reference_url

reference_id

AVG-2685

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json

reference_url	https://security.gentoo.org/glsa/202212-01
reference_id	GLSA-202212-01
reference_type
scores
url	https://security.gentoo.org/glsa/202212-01

reference_url	https://access.redhat.com/errata/RHSA-2022:5245
reference_id	RHSA-2022:5245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5245

reference_url	https://access.redhat.com/errata/RHSA-2022:5313
reference_id	RHSA-2022:5313
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5313

reference_url	https://usn.ubuntu.com/5397-1/
reference_id	USN-5397-1
reference_type
scores
url	https://usn.ubuntu.com/5397-1/

fixed_packages

url pkg:generic/curl.se/curl@7.83.0

purl pkg:generic/curl.se/curl@7.83.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6ge5-86tg-dydf

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hjkx-6yep-mkde

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-rhxh-77pj-1bfy

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v9n1-d6xt-6ubn

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0

aliases CVE-2022-27774

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3sy2-4f3g-zkac

url VCID-47qb-2qkw-1qej

vulnerability_id VCID-47qb-2qkw-1qej

summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28321

reference_id

reference_type

scores

value	0.00297
scoring_system	epss
scoring_elements	0.53057
published_at	2026-04-16T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.52966
published_at	2026-04-02T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.52991
published_at	2026-04-04T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.52959
published_at	2026-04-07T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53009
published_at	2026-04-08T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53003
published_at	2026-04-09T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53052
published_at	2026-04-11T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53037
published_at	2026-04-12T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.5302
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28321

reference_url

https://curl.se/docs/CVE-2023-28321.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-28321.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1950627

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

https://hackerone.com/reports/1950627

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239
reference_id	1036239
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2196786
reference_id	2196786
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2196786

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/

reference_url

reference_id

F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

reference_url

reference_id

HT213843

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

reference_url

reference_id

HT213844

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

reference_url

reference_id

HT213845

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html

reference_url

reference_id

msg00016.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html

reference_url

https://security.netapp.com/advisory/ntap-20230609-0009/

reference_id

ntap-20230609-0009

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

https://security.netapp.com/advisory/ntap-20230609-0009/

reference_url	https://access.redhat.com/errata/RHSA-2023:4354
reference_id	RHSA-2023:4354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4354

reference_url	https://access.redhat.com/errata/RHSA-2023:4523
reference_id	RHSA-2023:4523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4523

reference_url	https://access.redhat.com/errata/RHSA-2023:4628
reference_id	RHSA-2023:4628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4628

reference_url	https://access.redhat.com/errata/RHSA-2023:4629
reference_id	RHSA-2023:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4629

reference_url	https://access.redhat.com/errata/RHSA-2023:5598
reference_id	RHSA-2023:5598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5598

reference_url	https://access.redhat.com/errata/RHSA-2023:6292
reference_id	RHSA-2023:6292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6292

reference_url	https://usn.ubuntu.com/6237-1/
reference_id	USN-6237-1
reference_type
scores
url	https://usn.ubuntu.com/6237-1/

reference_url	https://usn.ubuntu.com/6237-3/
reference_id	USN-6237-3
reference_type
scores
url	https://usn.ubuntu.com/6237-3/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/

reference_id

Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/

fixed_packages

url pkg:generic/curl.se/curl@8.1.0

purl pkg:generic/curl.se/curl@8.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0

aliases CVE-2023-28321

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47qb-2qkw-1qej

url VCID-4mk9-5buz-puh5

vulnerability_id VCID-4mk9-5buz-puh5

summary

Multiple vulnerabilities have been discovered in cURL, the worst of
    which could lead to man-in-the-middle attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0139.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0139.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0139

reference_id

reference_type

scores

value	0.01203
scoring_system	epss
scoring_elements	0.7896
published_at	2026-04-16T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78884
published_at	2026-04-01T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78891
published_at	2026-04-02T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78919
published_at	2026-04-04T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78902
published_at	2026-04-07T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78927
published_at	2026-04-08T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78933
published_at	2026-04-09T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78956
published_at	2026-04-11T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78941
published_at	2026-04-12T12:55:00Z

value	0.01203
scoring_system	epss
scoring_elements	0.78931
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0139

reference_url

https://curl.se/docs/CVE-2014-0139.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-0139.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1079149
reference_id	1079149
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1079149

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728
reference_id	742728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728

reference_url	https://security.gentoo.org/glsa/201406-21
reference_id	GLSA-201406-21
reference_type
scores
url	https://security.gentoo.org/glsa/201406-21

reference_url	https://usn.ubuntu.com/2167-1/
reference_id	USN-2167-1
reference_type
scores
url	https://usn.ubuntu.com/2167-1/

fixed_packages

url pkg:generic/curl.se/curl@7.36.0

purl pkg:generic/curl.se/curl@7.36.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.36.0

aliases CVE-2014-0139

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mk9-5buz-puh5

url VCID-56wg-yafz-gkgx

vulnerability_id VCID-56wg-yafz-gkgx

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22922

reference_id

reference_type

scores

value	0.00146
scoring_system	epss
scoring_elements	0.34891
published_at	2026-04-01T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.3505
published_at	2026-04-16T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.35071
published_at	2026-04-11T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.35036
published_at	2026-04-12T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.35012
published_at	2026-04-13T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.35088
published_at	2026-04-02T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.35115
published_at	2026-04-04T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34995
published_at	2026-04-07T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.35039
published_at	2026-04-08T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.35067
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22922

reference_url

https://curl.se/docs/CVE-2021-22922.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22922.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1213175
reference_id
reference_type
scores
url	https://hackerone.com/reports/1213175

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1981435
reference_id	1981435
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1981435

reference_url	https://security.archlinux.org/ASA-202107-59
reference_id	ASA-202107-59
reference_type
scores
url	https://security.archlinux.org/ASA-202107-59

reference_url

reference_id

AVG-2194

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json

reference_url	https://security.gentoo.org/glsa/202212-01
reference_id	GLSA-202212-01
reference_type
scores
url	https://security.gentoo.org/glsa/202212-01

reference_url	https://access.redhat.com/errata/RHSA-2021:3582
reference_id	RHSA-2021:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3582

reference_url	https://access.redhat.com/errata/RHSA-2021:3903
reference_id	RHSA-2021:3903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3903

fixed_packages

url pkg:generic/curl.se/curl@7.78.0

purl pkg:generic/curl.se/curl@7.78.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0

aliases CVE-2021-22922

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56wg-yafz-gkgx

url VCID-5jan-pqf6-fyhr

vulnerability_id VCID-5jan-pqf6-fyhr

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8622

reference_id

reference_type

scores

value	0.01634
scoring_system	epss
scoring_elements	0.81845
published_at	2026-04-01T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81947
published_at	2026-04-16T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81901
published_at	2026-04-08T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81908
published_at	2026-04-09T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81927
published_at	2026-04-11T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81915
published_at	2026-04-12T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81911
published_at	2026-04-13T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81856
published_at	2026-04-02T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81879
published_at	2026-04-04T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81875
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8622

reference_url

https://curl.se/docs/CVE-2016-8622.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8622.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388386
reference_id	1388386
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388386

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8622

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5jan-pqf6-fyhr

url VCID-6muy-xpdq-9kg8

vulnerability_id VCID-6muy-xpdq-9kg8

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8616

reference_id

reference_type

scores

value	0.0413
scoring_system	epss
scoring_elements	0.88589
published_at	2026-04-01T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88658
published_at	2026-04-16T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88598
published_at	2026-04-02T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88616
published_at	2026-04-04T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88617
published_at	2026-04-07T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88635
published_at	2026-04-08T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.8864
published_at	2026-04-09T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88652
published_at	2026-04-11T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88645
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8616

reference_url

https://curl.se/docs/CVE-2016-8616.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8616.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388371
reference_id	1388371
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388371

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8616

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6muy-xpdq-9kg8

url VCID-6we4-n888-6qhe

vulnerability_id VCID-6we4-n888-6qhe

summary libcurl: Buffer Overflow in libcurl via zlib Integer Overflow

references

reference_url

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0725

reference_id

reference_type

scores

value	0.00442
scoring_system	epss
scoring_elements	0.6327
published_at	2026-04-13T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63305
published_at	2026-04-09T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63322
published_at	2026-04-11T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63306
published_at	2026-04-16T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63788
published_at	2026-04-02T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63823
published_at	2026-04-08T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63815
published_at	2026-04-04T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63772
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0725

reference_url

https://curl.se/docs/CVE-2025-0725.html

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Low
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/

url

https://curl.se/docs/CVE-2025-0725.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/2956023

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/

url

https://hackerone.com/reports/2956023

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2343899
reference_id	2343899
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2343899

reference_url

https://curl.se/docs/CVE-2025-0725.json

reference_id

CVE-2025-0725.json

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/

url

https://curl.se/docs/CVE-2025-0725.json

fixed_packages

url pkg:generic/curl.se/curl@8.12.0

purl pkg:generic/curl.se/curl@8.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-176a-agbw-hqdy

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9mjz-apkm-g7h1

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ksap-zrmb-ebcu

vulnerability	VCID-kt4b-7ffh-4bch

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0

aliases CVE-2025-0725

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6we4-n888-6qhe

url VCID-6yb7-t8qs-cbch

vulnerability_id VCID-6yb7-t8qs-cbch

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000007

reference_id

reference_type

scores

value	0.03344
scoring_system	epss
scoring_elements	0.87269
published_at	2026-04-02T12:55:00Z

value	0.03344
scoring_system	epss
scoring_elements	0.87259
published_at	2026-04-01T12:55:00Z

value	0.03344
scoring_system	epss
scoring_elements	0.87302
published_at	2026-04-08T12:55:00Z

value	0.03344
scoring_system	epss
scoring_elements	0.87283
published_at	2026-04-07T12:55:00Z

value	0.03344
scoring_system	epss
scoring_elements	0.87285
published_at	2026-04-04T12:55:00Z

value	0.03871
scoring_system	epss
scoring_elements	0.88245
published_at	2026-04-16T12:55:00Z

value	0.03871
scoring_system	epss
scoring_elements	0.88227
published_at	2026-04-09T12:55:00Z

value	0.03871
scoring_system	epss
scoring_elements	0.88238
published_at	2026-04-11T12:55:00Z

value	0.03871
scoring_system	epss
scoring_elements	0.88231
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000007

reference_url

https://curl.se/docs/CVE-2018-1000007.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000007.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537125
reference_id	1537125
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537125

reference_url	https://security.archlinux.org/ASA-201801-20
reference_id	ASA-201801-20
reference_type
scores
url	https://security.archlinux.org/ASA-201801-20

reference_url	https://security.archlinux.org/ASA-201801-22
reference_id	ASA-201801-22
reference_type
scores
url	https://security.archlinux.org/ASA-201801-22

reference_url	https://security.archlinux.org/ASA-201801-23
reference_id	ASA-201801-23
reference_type
scores
url	https://security.archlinux.org/ASA-201801-23

reference_url	https://security.archlinux.org/ASA-201801-24
reference_id	ASA-201801-24
reference_type
scores
url	https://security.archlinux.org/ASA-201801-24

reference_url	https://security.archlinux.org/ASA-201801-25
reference_id	ASA-201801-25
reference_type
scores
url	https://security.archlinux.org/ASA-201801-25

reference_url	https://security.archlinux.org/ASA-201801-26
reference_id	ASA-201801-26
reference_type
scores
url	https://security.archlinux.org/ASA-201801-26

reference_url

https://security.archlinux.org/AVG-593

reference_id

AVG-593

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-593

reference_url

https://security.archlinux.org/AVG-594

reference_id

AVG-594

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-594

reference_url

https://security.archlinux.org/AVG-595

reference_id

AVG-595

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-595

reference_url

https://security.archlinux.org/AVG-596

reference_id

AVG-596

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-596

reference_url

https://security.archlinux.org/AVG-597

reference_id

AVG-597

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-597

reference_url

https://security.archlinux.org/AVG-598

reference_id

AVG-598

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-598

reference_url	https://security.gentoo.org/glsa/201804-04
reference_id	GLSA-201804-04
reference_type
scores
url	https://security.gentoo.org/glsa/201804-04

reference_url	https://usn.ubuntu.com/3554-1/
reference_id	USN-3554-1
reference_type
scores
url	https://usn.ubuntu.com/3554-1/

reference_url	https://usn.ubuntu.com/3554-2/
reference_id	USN-3554-2
reference_type
scores
url	https://usn.ubuntu.com/3554-2/

fixed_packages

url pkg:generic/curl.se/curl@7.58.0

purl pkg:generic/curl.se/curl@7.58.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0

aliases CVE-2018-1000007

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yb7-t8qs-cbch

url VCID-7c8e-eaqy-akeu

vulnerability_id VCID-7c8e-eaqy-akeu

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3153

reference_id

reference_type

scores

value	0.0976
scoring_system	epss
scoring_elements	0.9296
published_at	2026-04-16T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.92922
published_at	2026-04-01T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.9293
published_at	2026-04-02T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.92934
published_at	2026-04-04T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.92933
published_at	2026-04-07T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.92941
published_at	2026-04-08T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.92945
published_at	2026-04-09T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.9295
published_at	2026-04-13T12:55:00Z

value	0.0976
scoring_system	epss
scoring_elements	0.92949
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3153

reference_url

https://curl.se/docs/CVE-2015-3153.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2015-3153.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1217341
reference_id	1217341
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1217341

reference_url	https://usn.ubuntu.com/2591-1/
reference_id	USN-2591-1
reference_type
scores
url	https://usn.ubuntu.com/2591-1/

fixed_packages

url pkg:generic/curl.se/curl@7.42.1

purl pkg:generic/curl.se/curl@7.42.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r447-deb8-2ydj

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yubp-g4rt-c3e6

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.42.1

aliases CVE-2015-3153

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7c8e-eaqy-akeu

url VCID-7srk-hshe-h3f4

vulnerability_id VCID-7srk-hshe-h3f4

summary

Improper Authentication
An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-27538

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.03579
published_at	2026-04-11T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03588
published_at	2026-04-04T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03622
published_at	2026-04-09T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.036
published_at	2026-04-08T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03599
published_at	2026-04-07T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03574
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05545
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05601
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05595
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-27538

reference_url

https://curl.se/docs/CVE-2023-27538.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-27538.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1898475

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/

url

https://hackerone.com/reports/1898475

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2179103
reference_id	2179103
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2179103

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-27538
reference_id	CVE-2023-27538
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-27538

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

reference_id

msg00025.html

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20230420-0010/

reference_id

ntap-20230420-0010

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/

url

https://security.netapp.com/advisory/ntap-20230420-0010/

reference_url	https://access.redhat.com/errata/RHSA-2023:6679
reference_id	RHSA-2023:6679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6679

reference_url	https://usn.ubuntu.com/5964-1/
reference_id	USN-5964-1
reference_type
scores
url	https://usn.ubuntu.com/5964-1/

fixed_packages

url pkg:generic/curl.se/curl@8.0.0

purl pkg:generic/curl.se/curl@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0

aliases CVE-2023-27538

risk_score 3.5

exploitability 0.5

weighted_severity 6.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7srk-hshe-h3f4

url VCID-7vt9-pf5q-uqb6

vulnerability_id VCID-7vt9-pf5q-uqb6

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in a Denial of Service condition.

references

reference_url	https://access.redhat.com/errata/RHBA-2019:0327
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0327

reference_url	https://access.redhat.com/errata/RHSA-2018:3157
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3157

reference_url	https://access.redhat.com/errata/RHSA-2018:3558
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3558

reference_url	https://access.redhat.com/errata/RHSA-2020:0544
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0544

reference_url	https://access.redhat.com/errata/RHSA-2020:0594
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0594

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000301

reference_id

reference_type

scores

value	0.02712
scoring_system	epss
scoring_elements	0.85931
published_at	2026-04-16T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.85984
published_at	2026-04-07T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.85957
published_at	2026-04-01T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.85968
published_at	2026-04-02T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.8602
published_at	2026-04-13T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.86025
published_at	2026-04-12T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.86027
published_at	2026-04-11T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.86013
published_at	2026-04-09T12:55:00Z

value	0.02761
scoring_system	epss
scoring_elements	0.86003
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000301

reference_url	https://curl.haxx.se/docs/adv_2018-b138.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_2018-b138.html

reference_url

https://curl.se/docs/CVE-2018-1000301.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000301.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html

reference_url	https://usn.ubuntu.com/3598-2/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/3598-2/

reference_url	https://www.debian.org/security/2018/dsa-4202
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4202

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/104225
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104225

reference_url	http://www.securitytracker.com/id/1040931
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040931

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1575536
reference_id	1575536
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1575536

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856
reference_id	898856
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856

reference_url	https://security.archlinux.org/ASA-201805-13
reference_id	ASA-201805-13
reference_type
scores
url	https://security.archlinux.org/ASA-201805-13

reference_url	https://security.archlinux.org/ASA-201805-14
reference_id	ASA-201805-14
reference_type
scores
url	https://security.archlinux.org/ASA-201805-14

reference_url	https://security.archlinux.org/ASA-201805-15
reference_id	ASA-201805-15
reference_type
scores
url	https://security.archlinux.org/ASA-201805-15

reference_url	https://security.archlinux.org/ASA-201805-16
reference_id	ASA-201805-16
reference_type
scores
url	https://security.archlinux.org/ASA-201805-16

reference_url	https://security.archlinux.org/ASA-201805-17
reference_id	ASA-201805-17
reference_type
scores
url	https://security.archlinux.org/ASA-201805-17

reference_url	https://security.archlinux.org/ASA-201805-18
reference_id	ASA-201805-18
reference_type
scores
url	https://security.archlinux.org/ASA-201805-18

reference_url

https://security.archlinux.org/AVG-694

reference_id

AVG-694

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-694

reference_url

https://security.archlinux.org/AVG-695

reference_id

AVG-695

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-695

reference_url

https://security.archlinux.org/AVG-696

reference_id

AVG-696

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-696

reference_url

https://security.archlinux.org/AVG-697

reference_id

AVG-697

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-697

reference_url

https://security.archlinux.org/AVG-698

reference_id

AVG-698

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-698

reference_url

https://security.archlinux.org/AVG-699

reference_id

AVG-699

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-699

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::
reference_id	cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:::::::*
reference_id	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:::::::*
reference_id	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
reference_id	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000301

reference_id

CVE-2018-1000301

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000301

reference_url	https://security.gentoo.org/glsa/201806-05
reference_id	GLSA-201806-05
reference_type
scores
url	https://security.gentoo.org/glsa/201806-05

reference_url	https://usn.ubuntu.com/3648-1/
reference_id	USN-3648-1
reference_type
scores
url	https://usn.ubuntu.com/3648-1/

fixed_packages

url pkg:generic/curl.se/curl@7.60.0

purl pkg:generic/curl.se/curl@7.60.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9cbd-x468-rkaw

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.60.0

aliases CVE-2018-1000301

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7vt9-pf5q-uqb6

url VCID-7xxh-66ys-4bhw

vulnerability_id VCID-7xxh-66ys-4bhw

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5419

reference_id

reference_type

scores

value	0.01968
scoring_system	epss
scoring_elements	0.83461
published_at	2026-04-01T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.8356
published_at	2026-04-16T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83529
published_at	2026-04-12T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83526
published_at	2026-04-13T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83474
published_at	2026-04-02T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83488
published_at	2026-04-04T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83487
published_at	2026-04-07T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83511
published_at	2026-04-08T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83521
published_at	2026-04-09T12:55:00Z

value	0.01968
scoring_system	epss
scoring_elements	0.83535
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5419

reference_url

https://curl.se/docs/CVE-2016-5419.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-5419.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1362183
reference_id	1362183
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1362183

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2016:2575
reference_id	RHSA-2016:2575
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2575

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/3048-1/
reference_id	USN-3048-1
reference_type
scores
url	https://usn.ubuntu.com/3048-1/

fixed_packages

url pkg:generic/curl.se/curl@7.50.1

purl pkg:generic/curl.se/curl@7.50.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.1

aliases CVE-2016-5419

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xxh-66ys-4bhw

url VCID-87qu-j64w-p7fj

vulnerability_id VCID-87qu-j64w-p7fj

summary unchecked ssl certificate host name

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4545.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4545.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4545

reference_id

reference_type

scores

value	0.00353
scoring_system	epss
scoring_elements	0.57761
published_at	2026-04-16T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57618
published_at	2026-04-01T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57702
published_at	2026-04-02T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57724
published_at	2026-04-04T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57699
published_at	2026-04-07T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57754
published_at	2026-04-08T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57756
published_at	2026-04-09T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57772
published_at	2026-04-11T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57751
published_at	2026-04-12T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57731
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4545

reference_url

https://curl.se/docs/CVE-2013-4545.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2013-4545.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1029159
reference_id	1029159
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1029159

reference_url	https://usn.ubuntu.com/2048-1/
reference_id	USN-2048-1
reference_type
scores
url	https://usn.ubuntu.com/2048-1/

fixed_packages

url pkg:generic/curl.se/curl@7.33.0

purl pkg:generic/curl.se/curl@7.33.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4mk9-5buz-puh5

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bdrx-sm6b-sken

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c2na-7q9e-47am

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-ma8s-he6x-z7a8

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-ya9y-nav3-37hh

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-z8h3-fdj8-xuaa

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.33.0

aliases CVE-2013-4545

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-87qu-j64w-p7fj

url VCID-8zks-th64-33b8

vulnerability_id VCID-8zks-th64-33b8

summary curl: curl: Unauthorized access due to improper HTTP proxy connection reuse

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-3784

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.03044
published_at	2026-04-11T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03051
published_at	2026-04-04T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03081
published_at	2026-04-09T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03056
published_at	2026-04-08T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03053
published_at	2026-04-07T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03037
published_at	2026-04-02T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03659
published_at	2026-04-16T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03709
published_at	2026-04-12T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03683
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-3784

reference_url

https://curl.se/docs/CVE-2026-3784.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Low
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/

url

https://curl.se/docs/CVE-2026-3784.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/3584903

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/

url

https://hackerone.com/reports/3584903

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2446449
reference_id	2446449
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2446449

reference_url

https://curl.se/docs/CVE-2026-3784.json

reference_id

CVE-2026-3784.json

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/

url

https://curl.se/docs/CVE-2026-3784.json

reference_url	https://usn.ubuntu.com/8084-1/
reference_id	USN-8084-1
reference_type
scores
url	https://usn.ubuntu.com/8084-1/

reference_url	https://usn.ubuntu.com/8099-1/
reference_id	USN-8099-1
reference_type
scores
url	https://usn.ubuntu.com/8099-1/

fixed_packages

url	pkg:generic/curl.se/curl@8.19.0
purl	pkg:generic/curl.se/curl@8.19.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0

aliases CVE-2026-3784

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8zks-th64-33b8

url VCID-9ggp-5wfj-ufcq

vulnerability_id VCID-9ggp-5wfj-ufcq

summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-43552

reference_id

reference_type

scores

value	0.00203
scoring_system	epss
scoring_elements	0.42409
published_at	2026-04-13T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42428
published_at	2026-04-02T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42458
published_at	2026-04-16T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42397
published_at	2026-04-07T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42447
published_at	2026-04-08T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42455
published_at	2026-04-09T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42477
published_at	2026-04-11T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.4244
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-43552

reference_url

https://curl.se/docs/CVE-2022-43552.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-43552.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1764858

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/

url

https://hackerone.com/reports/1764858

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830
reference_id	1026830
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830

reference_url

http://seclists.org/fulldisclosure/2023/Mar/17

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/

url

http://seclists.org/fulldisclosure/2023/Mar/17

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2152652
reference_id	2152652
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2152652

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/

url

https://support.apple.com/kb/HT213670

reference_url

reference_id

HT213670

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/

url

https://support.apple.com/kb/HT213670

reference_url

https://security.netapp.com/advisory/ntap-20230214-0002/

reference_id

ntap-20230214-0002

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/

url

https://security.netapp.com/advisory/ntap-20230214-0002/

reference_url	https://access.redhat.com/errata/RHSA-2023:2478
reference_id	RHSA-2023:2478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2478

reference_url	https://access.redhat.com/errata/RHSA-2023:2963
reference_id	RHSA-2023:2963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2963

reference_url	https://access.redhat.com/errata/RHSA-2023:3354
reference_id	RHSA-2023:3354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3354

reference_url	https://access.redhat.com/errata/RHSA-2023:3355
reference_id	RHSA-2023:3355
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3355

reference_url	https://access.redhat.com/errata/RHSA-2023:7743
reference_id	RHSA-2023:7743
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7743

reference_url	https://access.redhat.com/errata/RHSA-2024:0428
reference_id	RHSA-2024:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0428

reference_url	https://usn.ubuntu.com/5788-1/
reference_id	USN-5788-1
reference_type
scores
url	https://usn.ubuntu.com/5788-1/

reference_url	https://usn.ubuntu.com/5894-1/
reference_id	USN-5894-1
reference_type
scores
url	https://usn.ubuntu.com/5894-1/

fixed_packages

url pkg:generic/curl.se/curl@7.87.0

purl pkg:generic/curl.se/curl@7.87.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0

aliases CVE-2022-43552

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ggp-5wfj-ufcq

url VCID-9nak-pscy-e7gs

vulnerability_id VCID-9nak-pscy-e7gs

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-32221

reference_id

reference_type

scores

value	0.01681
scoring_system	epss
scoring_elements	0.82218
published_at	2026-04-16T12:55:00Z

value	0.01681
scoring_system	epss
scoring_elements	0.82185
published_at	2026-04-12T12:55:00Z

value	0.01681
scoring_system	epss
scoring_elements	0.82179
published_at	2026-04-13T12:55:00Z

value	0.02591
scoring_system	epss
scoring_elements	0.8553
published_at	2026-04-02T12:55:00Z

value	0.02591
scoring_system	epss
scoring_elements	0.85547
published_at	2026-04-04T12:55:00Z

value	0.02753
scoring_system	epss
scoring_elements	0.85998
published_at	2026-04-09T12:55:00Z

value	0.02753
scoring_system	epss
scoring_elements	0.86012
published_at	2026-04-11T12:55:00Z

value	0.02753
scoring_system	epss
scoring_elements	0.85988
published_at	2026-04-08T12:55:00Z

value	0.02753
scoring_system	epss
scoring_elements	0.85969
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-32221

reference_url

https://curl.se/docs/CVE-2022-32221.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-32221.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1704017

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

https://hackerone.com/reports/1704017

reference_url

http://seclists.org/fulldisclosure/2023/Jan/19

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

http://seclists.org/fulldisclosure/2023/Jan/19

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

http://www.openwall.com/lists/oss-security/2023/05/17/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2135411
reference_id	2135411
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2135411

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

http://www.openwall.com/lists/oss-security/2023/05/17/4

reference_url

https://www.debian.org/security/2023/dsa-5330

reference_id

dsa-5330

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

https://www.debian.org/security/2023/dsa-5330

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

reference_url

reference_id

HT213604

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

https://support.apple.com/kb/HT213605

reference_url

reference_id

HT213605

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

https://support.apple.com/kb/HT213605

reference_url

https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

reference_id

msg00028.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

reference_url

https://security.netapp.com/advisory/ntap-20230110-0006/

reference_id

ntap-20230110-0006

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

https://security.netapp.com/advisory/ntap-20230110-0006/

reference_url

https://security.netapp.com/advisory/ntap-20230208-0002/

reference_id

ntap-20230208-0002

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/

url

https://security.netapp.com/advisory/ntap-20230208-0002/

reference_url	https://access.redhat.com/errata/RHSA-2022:8840
reference_id	RHSA-2022:8840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8840

reference_url	https://access.redhat.com/errata/RHSA-2022:8841
reference_id	RHSA-2022:8841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8841

reference_url	https://access.redhat.com/errata/RHSA-2023:0333
reference_id	RHSA-2023:0333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0333

reference_url	https://access.redhat.com/errata/RHSA-2023:4139
reference_id	RHSA-2023:4139
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4139

reference_url	https://usn.ubuntu.com/5702-1/
reference_id	USN-5702-1
reference_type
scores
url	https://usn.ubuntu.com/5702-1/

reference_url	https://usn.ubuntu.com/5702-2/
reference_id	USN-5702-2
reference_type
scores
url	https://usn.ubuntu.com/5702-2/

reference_url	https://usn.ubuntu.com/5823-1/
reference_id	USN-5823-1
reference_type
scores
url	https://usn.ubuntu.com/5823-1/

fixed_packages

url pkg:generic/curl.se/curl@7.86.0

purl pkg:generic/curl.se/curl@7.86.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0

aliases CVE-2022-32221

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9nak-pscy-e7gs

url VCID-a3v7-ptf1-6qgd

vulnerability_id VCID-a3v7-ptf1-6qgd

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7141.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7141.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-7141

reference_id

reference_type

scores

value	0.00524
scoring_system	epss
scoring_elements	0.66857
published_at	2026-04-01T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66895
published_at	2026-04-07T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66921
published_at	2026-04-04T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66943
published_at	2026-04-08T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66957
published_at	2026-04-09T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66977
published_at	2026-04-11T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66963
published_at	2026-04-12T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66932
published_at	2026-04-13T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66964
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-7141

reference_url

https://curl.se/docs/CVE-2016-7141.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-7141.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7141
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7141

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1373229
reference_id	1373229
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1373229

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836918
reference_id	836918
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836918

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2016:2575
reference_id	RHSA-2016:2575
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2575

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.50.2

purl pkg:generic/curl.se/curl@7.50.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.2

aliases CVE-2016-7141

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3v7-ptf1-6qgd

url VCID-a9b6-m25r-kygw

vulnerability_id VCID-a9b6-m25r-kygw

summary The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9952

reference_id

reference_type

scores

value	0.01005
scoring_system	epss
scoring_elements	0.77078
published_at	2026-04-16T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.77035
published_at	2026-04-09T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.77063
published_at	2026-04-11T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.77042
published_at	2026-04-12T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.77037
published_at	2026-04-13T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.76977
published_at	2026-04-01T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.76983
published_at	2026-04-02T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.77012
published_at	2026-04-04T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.76993
published_at	2026-04-07T12:55:00Z

value	0.01005
scoring_system	epss
scoring_elements	0.77025
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9952

reference_url

https://curl.se/docs/CVE-2016-9952.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-9952.html

reference_url

https://curl.haxx.se/docs/adv_20161221B.html

reference_id

adv_20161221B.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/

url

https://curl.haxx.se/docs/adv_20161221B.html

reference_url

https://curl.haxx.se/CVE-2016-9952.patch

reference_id

CVE-2016-9952.patch

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/

url

https://curl.haxx.se/CVE-2016-9952.patch

fixed_packages

url pkg:generic/curl.se/curl@7.52.0

purl pkg:generic/curl.se/curl@7.52.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-36n6-qanf-nue8

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-hyqp-z8hb-fqbt

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-q3hu-8uy5-e3a4

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0

aliases CVE-2016-9952

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-m25r-kygw

url VCID-ae59-w7a1-7keg

vulnerability_id VCID-ae59-w7a1-7keg

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:2486
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2486

reference_url	https://access.redhat.com/errata/RHSA-2018:3558
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3558

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000254

reference_id

reference_type

scores

value	0.01178
scoring_system	epss
scoring_elements	0.78736
published_at	2026-04-12T12:55:00Z

value	0.01178
scoring_system	epss
scoring_elements	0.78727
published_at	2026-04-13T12:55:00Z

value	0.01318
scoring_system	epss
scoring_elements	0.79891
published_at	2026-04-16T12:55:00Z

value	0.01348
scoring_system	epss
scoring_elements	0.80036
published_at	2026-04-01T12:55:00Z

value	0.01348
scoring_system	epss
scoring_elements	0.80043
published_at	2026-04-02T12:55:00Z

value	0.01348
scoring_system	epss
scoring_elements	0.80064
published_at	2026-04-04T12:55:00Z

value	0.01348
scoring_system	epss
scoring_elements	0.80053
published_at	2026-04-07T12:55:00Z

value	0.01348
scoring_system	epss
scoring_elements	0.80081
published_at	2026-04-08T12:55:00Z

value	0.01348
scoring_system	epss
scoring_elements	0.80089
published_at	2026-04-09T12:55:00Z

value	0.01348
scoring_system	epss
scoring_elements	0.80109
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000254

reference_url	https://curl.haxx.se/673d0cd8.patch
reference_id
reference_type
scores
url	https://curl.haxx.se/673d0cd8.patch

reference_url	https://curl.haxx.se/docs/adv_20171004.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_20171004.html

reference_url

https://curl.se/docs/CVE-2017-1000254.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-1000254.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_url	https://support.apple.com/HT208331
reference_id
reference_type
scores
url	https://support.apple.com/HT208331

reference_url	http://www.debian.org/security/2017/dsa-3992
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3992

reference_url	http://www.securityfocus.com/bid/101115
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101115

reference_url	http://www.securitytracker.com/id/1039509
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039509

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495541
reference_id	1495541
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495541

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671
reference_id	877671
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671

reference_url	https://security.archlinux.org/ASA-201710-2
reference_id	ASA-201710-2
reference_type
scores
url	https://security.archlinux.org/ASA-201710-2

reference_url	https://security.archlinux.org/ASA-201710-3
reference_id	ASA-201710-3
reference_type
scores
url	https://security.archlinux.org/ASA-201710-3

reference_url	https://security.archlinux.org/ASA-201710-4
reference_id	ASA-201710-4
reference_type
scores
url	https://security.archlinux.org/ASA-201710-4

reference_url	https://security.archlinux.org/ASA-201710-5
reference_id	ASA-201710-5
reference_type
scores
url	https://security.archlinux.org/ASA-201710-5

reference_url	https://security.archlinux.org/ASA-201710-6
reference_id	ASA-201710-6
reference_type
scores
url	https://security.archlinux.org/ASA-201710-6

reference_url	https://security.archlinux.org/ASA-201710-7
reference_id	ASA-201710-7
reference_type
scores
url	https://security.archlinux.org/ASA-201710-7

reference_url

reference_id

AVG-371

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-386

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-387

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-388

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-389

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-422

reference_url

reference_id

AVG-422

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-422

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.10.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.11.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.12.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.12.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.13.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.14.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.17.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.20.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.20.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.22.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.23.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.23.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.24.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.25.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.26.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.27.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.28.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.28.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.29.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.30.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.37.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:::::::*

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.39:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:::::::*

107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.40.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:::::::*

108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.41.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:::::::*

109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.42.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:::::::*

110

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:::::::*

111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.43.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:::::::*

112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.44.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:::::::*

113

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.45.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:::::::*

114

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.46.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:::::::*

115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.47.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:::::::*

116

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.47.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:::::::*

117

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.48.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:::::::*

118

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.49.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:::::::*

119

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.49.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:::::::*

120

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:::::::*

121

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:::::::*

122

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:::::::*

123

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:::::::*

124

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.51.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:::::::*

125

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.52.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:::::::*

126

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.52.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:::::::*

127

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.53.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:::::::*

128

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.53.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:::::::*

129

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.54.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:::::::*

130

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.54.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:::::::*

131

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.55.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:::::::*

132

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.55.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:::::::*

133

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:::::::*

134

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:::::::*

135

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:::::::*

136

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:::::::*

137

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:::::::*

138

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:::::::*

139

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:::::::*

140

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:::::::*

141

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:::::::*

142

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:::::::*

143

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:::::::*

144

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:::::::*

145

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:::::::*

146

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:::::::*

147

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.9.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:::::::*

148

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000254

reference_id

CVE-2017-1000254

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000254

149

reference_url	https://security.gentoo.org/glsa/201712-04
reference_id	GLSA-201712-04
reference_type
scores
url	https://security.gentoo.org/glsa/201712-04

150

reference_url	https://usn.ubuntu.com/3441-1/
reference_id	USN-3441-1
reference_type
scores
url	https://usn.ubuntu.com/3441-1/

151

reference_url	https://usn.ubuntu.com/3441-2/
reference_id	USN-3441-2
reference_type
scores
url	https://usn.ubuntu.com/3441-2/

fixed_packages

url pkg:generic/curl.se/curl@7.56.0

purl pkg:generic/curl.se/curl@7.56.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-drkp-q9r5-ukcm

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.56.0

aliases CVE-2017-1000254

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ae59-w7a1-7keg

url VCID-arjz-67yz-wkg9

vulnerability_id VCID-arjz-67yz-wkg9

summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-27533

reference_id

reference_type

scores

value	0.00186
scoring_system	epss
scoring_elements	0.40463
published_at	2026-04-16T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40439
published_at	2026-04-02T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40465
published_at	2026-04-04T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40389
published_at	2026-04-07T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.4044
published_at	2026-04-08T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40451
published_at	2026-04-09T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40472
published_at	2026-04-11T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40434
published_at	2026-04-12T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40415
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-27533

reference_url

https://curl.se/docs/CVE-2023-27533.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-27533.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1891474

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/

url

https://hackerone.com/reports/1891474

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2179062
reference_id	2179062
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2179062

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_id

36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

reference_id

msg00025.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20230420-0011/

reference_id

ntap-20230420-0011

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/

url

https://security.netapp.com/advisory/ntap-20230420-0011/

reference_url	https://access.redhat.com/errata/RHSA-2023:3354
reference_id	RHSA-2023:3354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3354

reference_url	https://access.redhat.com/errata/RHSA-2023:3355
reference_id	RHSA-2023:3355
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3355

reference_url	https://access.redhat.com/errata/RHSA-2023:6679
reference_id	RHSA-2023:6679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6679

reference_url	https://usn.ubuntu.com/5964-1/
reference_id	USN-5964-1
reference_type
scores
url	https://usn.ubuntu.com/5964-1/

reference_url	https://usn.ubuntu.com/5964-2/
reference_id	USN-5964-2
reference_type
scores
url	https://usn.ubuntu.com/5964-2/

fixed_packages

url pkg:generic/curl.se/curl@8.0.0

purl pkg:generic/curl.se/curl@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0

aliases CVE-2023-27533

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-arjz-67yz-wkg9

url VCID-b2ef-zj3u-rbhy

vulnerability_id VCID-b2ef-zj3u-rbhy

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url	http://curl.haxx.se/docs/adv_20160127A.html
reference_id
reference_type
scores
url	http://curl.haxx.se/docs/adv_20160127A.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html

reference_url	http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0755.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0755

reference_id

reference_type

scores

value	0.00412
scoring_system	epss
scoring_elements	0.61492
published_at	2026-04-16T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61471
published_at	2026-04-12T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61452
published_at	2026-04-13T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61326
published_at	2026-04-01T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61402
published_at	2026-04-02T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61431
published_at	2026-04-04T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61401
published_at	2026-04-07T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61447
published_at	2026-04-08T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61463
published_at	2026-04-09T12:55:00Z

value	0.00412
scoring_system	epss
scoring_elements	0.61484
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0755

reference_url

https://curl.se/docs/CVE-2016-0755.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-0755.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755

reference_url	https://support.apple.com/HT207170
reference_id
reference_type
scores
url	https://support.apple.com/HT207170

reference_url	http://www.debian.org/security/2016/dsa-3455
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3455

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/82307
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/82307

reference_url	http://www.securitytracker.com/id/1034882
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034882

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965

reference_url	http://www.ubuntu.com/usn/USN-2882-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2882-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1302263
reference_id	1302263
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1302263

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0755

reference_id

CVE-2016-0755

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0755

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/2882-1/
reference_id	USN-2882-1
reference_type
scores
url	https://usn.ubuntu.com/2882-1/

fixed_packages

url pkg:generic/curl.se/curl@7.47.0

purl pkg:generic/curl.se/curl@7.47.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.47.0

aliases CVE-2016-0755

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b2ef-zj3u-rbhy

url VCID-bdrx-sm6b-sken

vulnerability_id VCID-bdrx-sm6b-sken

summary

Multiple vulnerabilities have been found in cURL, allowing
    attackers to execute arbitrary code or cause Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6422.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6422.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6422

reference_id

reference_type

scores

value	0.00253
scoring_system	epss
scoring_elements	0.48719
published_at	2026-04-16T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.486
published_at	2026-04-01T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48641
published_at	2026-04-02T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48663
published_at	2026-04-04T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48615
published_at	2026-04-07T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48669
published_at	2026-04-08T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48666
published_at	2026-04-09T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48684
published_at	2026-04-11T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48658
published_at	2026-04-12T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.4867
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6422

reference_url

https://curl.se/docs/CVE-2013-6422.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2013-6422.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1037918
reference_id	1037918
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1037918

reference_url	https://security.gentoo.org/glsa/201401-14
reference_id	GLSA-201401-14
reference_type
scores
url	https://security.gentoo.org/glsa/201401-14

reference_url	https://usn.ubuntu.com/2058-1/
reference_id	USN-2058-1
reference_type
scores
url	https://usn.ubuntu.com/2058-1/

fixed_packages

url pkg:generic/curl.se/curl@7.34.0

purl pkg:generic/curl.se/curl@7.34.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4mk9-5buz-puh5

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c2na-7q9e-47am

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-ma8s-he6x-z7a8

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-ya9y-nav3-37hh

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-z8h3-fdj8-xuaa

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.34.0

aliases CVE-2013-6422

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bdrx-sm6b-sken

url VCID-bv57-gvfs-qfhj

vulnerability_id VCID-bv57-gvfs-qfhj

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000121

reference_id

reference_type

scores

value	0.03154
scoring_system	epss
scoring_elements	0.86848
published_at	2026-04-01T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86919
published_at	2026-04-16T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86858
published_at	2026-04-02T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86877
published_at	2026-04-04T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86872
published_at	2026-04-07T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86891
published_at	2026-04-08T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.869
published_at	2026-04-09T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86913
published_at	2026-04-11T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86908
published_at	2026-04-12T12:55:00Z

value	0.03154
scoring_system	epss
scoring_elements	0.86902
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000121

reference_url

https://curl.se/docs/CVE-2018-1000121.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000121.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1552631
reference_id	1552631
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1552631

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546
reference_id	893546
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546

reference_url	https://security.archlinux.org/ASA-201803-15
reference_id	ASA-201803-15
reference_type
scores
url	https://security.archlinux.org/ASA-201803-15

reference_url	https://security.archlinux.org/ASA-201803-16
reference_id	ASA-201803-16
reference_type
scores
url	https://security.archlinux.org/ASA-201803-16

reference_url	https://security.archlinux.org/ASA-201803-17
reference_id	ASA-201803-17
reference_type
scores
url	https://security.archlinux.org/ASA-201803-17

reference_url	https://security.archlinux.org/ASA-201803-18
reference_id	ASA-201803-18
reference_type
scores
url	https://security.archlinux.org/ASA-201803-18

reference_url	https://security.archlinux.org/ASA-201803-19
reference_id	ASA-201803-19
reference_type
scores
url	https://security.archlinux.org/ASA-201803-19

reference_url	https://security.archlinux.org/ASA-201803-20
reference_id	ASA-201803-20
reference_type
scores
url	https://security.archlinux.org/ASA-201803-20

reference_url

reference_id

AVG-653

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-654

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-655

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-656

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-660

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-661

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0015

reference_url	https://security.gentoo.org/glsa/201804-04
reference_id	GLSA-201804-04
reference_type
scores
url	https://security.gentoo.org/glsa/201804-04

fixed_packages

url pkg:generic/curl.se/curl@7.59.0

purl pkg:generic/curl.se/curl@7.59.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9cbd-x468-rkaw

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0

aliases CVE-2018-1000121

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv57-gvfs-qfhj

url VCID-c2na-7q9e-47am

vulnerability_id VCID-c2na-7q9e-47am

summary information disclosure

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0015.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0015.json

reference_url

reference_id

reference_type

scores

value	0.01396
scoring_system	epss
scoring_elements	0.80422
published_at	2026-04-16T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80393
published_at	2026-04-13T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80342
published_at	2026-04-01T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80348
published_at	2026-04-02T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80368
published_at	2026-04-04T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80357
published_at	2026-04-07T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80386
published_at	2026-04-08T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80396
published_at	2026-04-09T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.80415
published_at	2026-04-11T12:55:00Z

value	0.01396
scoring_system	epss
scoring_elements	0.804
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0015

reference_url

https://curl.se/docs/CVE-2014-0015.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-0015.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1053903
reference_id	1053903
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1053903

reference_url	https://access.redhat.com/errata/RHSA-2014:0561
reference_id	RHSA-2014:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0561

reference_url	https://usn.ubuntu.com/2097-1/
reference_id	USN-2097-1
reference_type
scores
url	https://usn.ubuntu.com/2097-1/

fixed_packages

url pkg:generic/curl.se/curl@7.35.0

purl pkg:generic/curl.se/curl@7.35.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4mk9-5buz-puh5

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-ma8s-he6x-z7a8

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-ya9y-nav3-37hh

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-z8h3-fdj8-xuaa

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.35.0

aliases CVE-2014-0015

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2na-7q9e-47am

url VCID-c6dk-7gj6-7far

vulnerability_id VCID-c6dk-7gj6-7far

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8623

reference_id

reference_type

scores

value	0.00837
scoring_system	epss
scoring_elements	0.74617
published_at	2026-04-01T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74699
published_at	2026-04-16T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74621
published_at	2026-04-07T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74647
published_at	2026-04-04T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74653
published_at	2026-04-08T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74667
published_at	2026-04-09T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.7469
published_at	2026-04-11T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.7467
published_at	2026-04-12T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74662
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8623

reference_url

https://curl.se/docs/CVE-2016-8623.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8623.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388388
reference_id	1388388
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388388

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8623

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c6dk-7gj6-7far

url VCID-cbah-e86c-w3fj

vulnerability_id VCID-cbah-e86c-w3fj

summary

Improper Authentication
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-27535

reference_id

reference_type

scores

value	0.00065
scoring_system	epss
scoring_elements	0.20226
published_at	2026-04-16T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20386
published_at	2026-04-02T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20446
published_at	2026-04-04T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.2017
published_at	2026-04-07T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20251
published_at	2026-04-08T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20311
published_at	2026-04-09T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20341
published_at	2026-04-11T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20295
published_at	2026-04-12T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20236
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-27535

reference_url

https://curl.se/docs/CVE-2023-27535.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-27535.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1892780

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/

url

https://hackerone.com/reports/1892780

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2179073
reference_id	2179073
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2179073

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_id

36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-27535
reference_id	CVE-2023-27535
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-27535

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

reference_id

msg00025.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20230420-0010/

reference_id

ntap-20230420-0010

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/

url

https://security.netapp.com/advisory/ntap-20230420-0010/

reference_url	https://access.redhat.com/errata/RHSA-2023:2650
reference_id	RHSA-2023:2650
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2650

reference_url	https://access.redhat.com/errata/RHSA-2023:3106
reference_id	RHSA-2023:3106
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3106

reference_url	https://access.redhat.com/errata/RHSA-2024:0428
reference_id	RHSA-2024:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0428

reference_url	https://usn.ubuntu.com/5964-1/
reference_id	USN-5964-1
reference_type
scores
url	https://usn.ubuntu.com/5964-1/

reference_url	https://usn.ubuntu.com/5964-2/
reference_id	USN-5964-2
reference_type
scores
url	https://usn.ubuntu.com/5964-2/

fixed_packages

url pkg:generic/curl.se/curl@8.0.0

purl pkg:generic/curl.se/curl@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0

aliases CVE-2023-27535

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbah-e86c-w3fj

url VCID-cbph-fu9d-gbah

vulnerability_id VCID-cbph-fu9d-gbah

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000122

reference_id

reference_type

scores

value	0.01942
scoring_system	epss
scoring_elements	0.83368
published_at	2026-04-01T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.8347
published_at	2026-04-16T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.83381
published_at	2026-04-02T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.83396
published_at	2026-04-07T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.8342
published_at	2026-04-08T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.8343
published_at	2026-04-09T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.83445
published_at	2026-04-11T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.83439
published_at	2026-04-12T12:55:00Z

value	0.01942
scoring_system	epss
scoring_elements	0.83435
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000122

reference_url

https://curl.se/docs/CVE-2018-1000122.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-1000122.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1553398
reference_id	1553398
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1553398

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546
reference_id	893546
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546

reference_url	https://security.archlinux.org/ASA-201803-15
reference_id	ASA-201803-15
reference_type
scores
url	https://security.archlinux.org/ASA-201803-15

reference_url	https://security.archlinux.org/ASA-201803-16
reference_id	ASA-201803-16
reference_type
scores
url	https://security.archlinux.org/ASA-201803-16

reference_url	https://security.archlinux.org/ASA-201803-17
reference_id	ASA-201803-17
reference_type
scores
url	https://security.archlinux.org/ASA-201803-17

reference_url	https://security.archlinux.org/ASA-201803-18
reference_id	ASA-201803-18
reference_type
scores
url	https://security.archlinux.org/ASA-201803-18

reference_url	https://security.archlinux.org/ASA-201803-19
reference_id	ASA-201803-19
reference_type
scores
url	https://security.archlinux.org/ASA-201803-19

reference_url	https://security.archlinux.org/ASA-201803-20
reference_id	ASA-201803-20
reference_type
scores
url	https://security.archlinux.org/ASA-201803-20

reference_url

reference_id

AVG-653

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-654

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-655

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-656

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-660

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-661

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json

reference_url	https://security.gentoo.org/glsa/201804-04
reference_id	GLSA-201804-04
reference_type
scores
url	https://security.gentoo.org/glsa/201804-04

fixed_packages

url pkg:generic/curl.se/curl@7.59.0

purl pkg:generic/curl.se/curl@7.59.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9cbd-x468-rkaw

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0

aliases CVE-2018-1000122

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbph-fu9d-gbah

url VCID-cp4n-p2z3-43b4

vulnerability_id VCID-cp4n-p2z3-43b4

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in information disclosure or data loss.

references

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8177

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05444
published_at	2026-04-01T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05476
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05545
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05532
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05526
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05479
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05514
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05549
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0557
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8177

reference_url

https://curl.se/docs/CVE-2020-8177.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2020-8177.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/887462
reference_id
reference_type
scores
url	https://hackerone.com/reports/887462

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1847915
reference_id	1847915
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1847915

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281
reference_id	965281
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281

reference_url

https://security.archlinux.org/AVG-1194

reference_id

AVG-1194

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1194

reference_url	https://security.gentoo.org/glsa/202007-16
reference_id	GLSA-202007-16
reference_type
scores
url	https://security.gentoo.org/glsa/202007-16

reference_url	https://access.redhat.com/errata/RHSA-2020:4599
reference_id	RHSA-2020:4599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4599

reference_url	https://access.redhat.com/errata/RHSA-2020:5002
reference_id	RHSA-2020:5002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5002

reference_url	https://access.redhat.com/errata/RHSA-2020:5417
reference_id	RHSA-2020:5417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5417

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

reference_url	https://usn.ubuntu.com/4402-1/
reference_id	USN-4402-1
reference_type
scores
url	https://usn.ubuntu.com/4402-1/

fixed_packages

url pkg:generic/curl.se/curl@7.71.0

purl pkg:generic/curl.se/curl@7.71.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-d3s1-3qs7-2uhw

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-frgg-29yv-dyf7

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.71.0

aliases CVE-2020-8177

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cp4n-p2z3-43b4

url VCID-ddgz-rczw-jqfw

vulnerability_id VCID-ddgz-rczw-jqfw

summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28320

reference_id

reference_type

scores

value	0.00538
scoring_system	epss
scoring_elements	0.67581
published_at	2026-04-16T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67504
published_at	2026-04-07T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67526
published_at	2026-04-04T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67556
published_at	2026-04-08T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.6757
published_at	2026-04-09T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67592
published_at	2026-04-11T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67579
published_at	2026-04-12T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67546
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28320

reference_url

https://curl.se/docs/CVE-2023-28320.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-28320.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1929597

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

https://hackerone.com/reports/1929597

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239
reference_id	1036239
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2196783
reference_id	2196783
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2196783

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

reference_url

reference_id

HT213843

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

reference_url

reference_id

HT213844

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

reference_url

reference_id

HT213845

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

https://security.netapp.com/advisory/ntap-20230609-0009/

reference_url

reference_id

ntap-20230609-0009

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/

url

https://security.netapp.com/advisory/ntap-20230609-0009/

fixed_packages

url pkg:generic/curl.se/curl@8.1.0

purl pkg:generic/curl.se/curl@8.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0

aliases CVE-2023-28320

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddgz-rczw-jqfw

url VCID-dgtq-eaav-jyhf

vulnerability_id VCID-dgtq-eaav-jyhf

summary

Out-of-bounds Write
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.

references

reference_url

https://access.redhat.com/errata/RHBA-2019:0327

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHBA-2019:0327

reference_url

https://access.redhat.com/errata/RHSA-2018:3157

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3157

reference_url

https://access.redhat.com/errata/RHSA-2018:3558

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3558

reference_url

https://access.redhat.com/errata/RHSA-2019:1543

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:1543

reference_url

https://access.redhat.com/errata/RHSA-2020:0544

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0544

reference_url

https://access.redhat.com/errata/RHSA-2020:0594

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0594

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000120

reference_id

reference_type

scores

value	0.0154
scoring_system	epss
scoring_elements	0.81402
published_at	2026-04-16T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81302
published_at	2026-04-01T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81312
published_at	2026-04-02T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81334
published_at	2026-04-04T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81332
published_at	2026-04-07T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81361
published_at	2026-04-08T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81366
published_at	2026-04-09T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81387
published_at	2026-04-11T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81372
published_at	2026-04-12T12:55:00Z

value	0.0154
scoring_system	epss
scoring_elements	0.81365
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000120

reference_url

https://curl.haxx.se/docs/adv_2018-9cd6.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://curl.haxx.se/docs/adv_2018-9cd6.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/coapp-packages/curl

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/coapp-packages/curl

reference_url

https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html

reference_url

https://usn.ubuntu.com/3598-1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/3598-1

reference_url	https://usn.ubuntu.com/3598-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/3598-1/

reference_url

https://usn.ubuntu.com/3598-2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/3598-2

reference_url	https://usn.ubuntu.com/3598-2/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/3598-2/

reference_url

https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531

reference_url

https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414

reference_url

https://www.debian.org/security/2018/dsa-4136

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2018/dsa-4136

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1552628
reference_id	1552628
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1552628

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546
reference_id	893546
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546

reference_url	https://security.archlinux.org/ASA-201803-15
reference_id	ASA-201803-15
reference_type
scores
url	https://security.archlinux.org/ASA-201803-15

reference_url	https://security.archlinux.org/ASA-201803-16
reference_id	ASA-201803-16
reference_type
scores
url	https://security.archlinux.org/ASA-201803-16

reference_url	https://security.archlinux.org/ASA-201803-17
reference_id	ASA-201803-17
reference_type
scores
url	https://security.archlinux.org/ASA-201803-17

reference_url	https://security.archlinux.org/ASA-201803-18
reference_id	ASA-201803-18
reference_type
scores
url	https://security.archlinux.org/ASA-201803-18

reference_url	https://security.archlinux.org/ASA-201803-19
reference_id	ASA-201803-19
reference_type
scores
url	https://security.archlinux.org/ASA-201803-19

reference_url	https://security.archlinux.org/ASA-201803-20
reference_id	ASA-201803-20
reference_type
scores
url	https://security.archlinux.org/ASA-201803-20

reference_url

reference_id

AVG-653

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-654

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-655

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-656

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-660

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-661

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000120

reference_url

reference_id

CVE-2018-1000120

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000120

reference_url

https://curl.se/docs/CVE-2018-1000120.html

reference_id

CVE-2018-1000120.HTML

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	High
scoring_system	cvssv3.1
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://curl.se/docs/CVE-2018-1000120.html

reference_url

https://github.com/advisories/GHSA-674j-7m97-j2p9

reference_id

GHSA-674j-7m97-j2p9

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-674j-7m97-j2p9

reference_url	https://security.gentoo.org/glsa/201804-04
reference_id	GLSA-201804-04
reference_type
scores
url	https://security.gentoo.org/glsa/201804-04

fixed_packages

url pkg:generic/curl.se/curl@7.59.0

purl pkg:generic/curl.se/curl@7.59.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9cbd-x468-rkaw

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0

aliases CVE-2018-1000120, GHSA-674j-7m97-j2p9

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgtq-eaav-jyhf

url VCID-dzzd-afgu-3fcy

vulnerability_id VCID-dzzd-afgu-3fcy

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8150

reference_id

reference_type

scores

value	0.0123
scoring_system	epss
scoring_elements	0.79187
published_at	2026-04-16T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.79112
published_at	2026-04-01T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.79119
published_at	2026-04-02T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.79144
published_at	2026-04-04T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.79129
published_at	2026-04-07T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.79153
published_at	2026-04-08T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.79161
published_at	2026-04-13T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.79185
published_at	2026-04-11T12:55:00Z

value	0.0123
scoring_system	epss
scoring_elements	0.7917
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8150

reference_url

https://curl.se/docs/CVE-2014-8150.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-8150.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1178692
reference_id	1178692
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1178692

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

reference_url	https://usn.ubuntu.com/2474-1/
reference_id	USN-2474-1
reference_type
scores
url	https://usn.ubuntu.com/2474-1/

fixed_packages

url pkg:generic/curl.se/curl@7.40.0

purl pkg:generic/curl.se/curl@7.40.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qka4-jfdb-w3d5

vulnerability	VCID-r447-deb8-2ydj

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yubp-g4rt-c3e6

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.40.0

aliases CVE-2014-8150

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzzd-afgu-3fcy

url VCID-e58m-g37d-9fd6

vulnerability_id VCID-e58m-g37d-9fd6

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8624

reference_id

reference_type

scores

value	0.01346
scoring_system	epss
scoring_elements	0.80023
published_at	2026-04-01T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80102
published_at	2026-04-16T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.8003
published_at	2026-04-02T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80052
published_at	2026-04-04T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80042
published_at	2026-04-07T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80069
published_at	2026-04-08T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80078
published_at	2026-04-09T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80098
published_at	2026-04-11T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80082
published_at	2026-04-12T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80073
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8624

reference_url

https://curl.se/docs/CVE-2016-8624.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8624.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388390
reference_id	1388390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388390

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3739

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8624

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e58m-g37d-9fd6

url VCID-eap9-v2gp-fqgh

vulnerability_id VCID-eap9-v2gp-fqgh

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3739.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3739.json

reference_url

reference_id

reference_type

scores

value	0.01068
scoring_system	epss
scoring_elements	0.77748
published_at	2026-04-16T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77712
published_at	2026-04-12T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77711
published_at	2026-04-13T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77652
published_at	2026-04-01T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77659
published_at	2026-04-02T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77686
published_at	2026-04-04T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77669
published_at	2026-04-07T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77696
published_at	2026-04-08T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77702
published_at	2026-04-09T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77728
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3739

reference_url	https://curl.haxx.se/changes.html#7_49_0
reference_id
reference_type
scores
url	https://curl.haxx.se/changes.html#7_49_0

reference_url	https://curl.haxx.se/CVE-2016-3739.patch
reference_id
reference_type
scores
url	https://curl.haxx.se/CVE-2016-3739.patch

reference_url	https://curl.haxx.se/docs/adv_20160518.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_20160518.html

reference_url

https://curl.se/docs/CVE-2016-3739.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-3739.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3739

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

reference_url	http://www.openwall.com/lists/oss-security/2024/03/27/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2024/03/27/4

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/90726
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90726

reference_url	http://www.securitytracker.com/id/1035907
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035907

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.495349
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.495349

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1335430
reference_id	1335430
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1335430

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.1:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.2:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.3:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.4:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.5:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.6:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.7:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.21.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.21.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.22.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.22.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.22.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.23.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.1:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.23.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.23.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.24.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.24.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.24.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.25.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.25.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.25.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.26.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.26.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.26.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.27.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.27.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.27.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.28.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.1:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.28.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.28.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.29.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.29.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.29.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.30.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.30.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.30.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.31.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.32.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.33.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.33.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.33.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.34.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.34.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.34.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.35.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.36.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.39.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.40.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.41.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.42.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.43.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.44.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.45.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.46.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.47.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.48.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3739

reference_id

CVE-2016-3739

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3739

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:generic/curl.se/curl@7.49.0

purl pkg:generic/curl.se/curl@7.49.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.49.0

aliases CVE-2016-3739

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eap9-v2gp-fqgh

url VCID-eer3-29q8-sbgq

vulnerability_id VCID-eer3-29q8-sbgq

summary security update

references

reference_url	http://curl.haxx.se/docs/adv_20141105.html
reference_id
reference_type
scores
url	http://curl.haxx.se/docs/adv_20141105.html

reference_url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
reference_id
reference_type
scores
url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743

reference_url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1254.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1254.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3707

reference_id

reference_type

scores

value	0.00209
scoring_system	epss
scoring_elements	0.43397
published_at	2026-04-16T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43337
published_at	2026-04-13T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43274
published_at	2026-04-01T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43331
published_at	2026-04-02T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43359
published_at	2026-04-04T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43296
published_at	2026-04-07T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43348
published_at	2026-04-08T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43363
published_at	2026-04-09T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43384
published_at	2026-04-11T12:55:00Z

value	0.00209
scoring_system	epss
scoring_elements	0.43352
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3707

reference_url

https://curl.se/docs/CVE-2014-3707.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-3707.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707

reference_url	https://support.apple.com/kb/HT205031
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT205031

reference_url	http://www.debian.org/security/2014/dsa-3069
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3069

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/70988
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70988

reference_url	http://www.ubuntu.com/usn/USN-2399-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2399-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1154941
reference_id	1154941
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1154941

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.17.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.20.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.20.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.22.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.23.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.23.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.24.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.25.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.26.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.27.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.28.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.28.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.29.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.30.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.37.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion:11.1.2.2:::::::*
reference_id	cpe:2.3:a:oracle:hyperion:11.1.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion:11.1.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion:11.1.2.3:::::::*
reference_id	cpe:2.3:a:oracle:hyperion:11.1.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion:11.1.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.10.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.10.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.10.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.10.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3707

reference_id

CVE-2014-3707

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3707

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

reference_url	https://usn.ubuntu.com/2399-1/
reference_id	USN-2399-1
reference_type
scores
url	https://usn.ubuntu.com/2399-1/

fixed_packages

url pkg:generic/curl.se/curl@7.39.0

purl pkg:generic/curl.se/curl@7.39.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qka4-jfdb-w3d5

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.39.0

aliases CVE-2014-3707

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eer3-29q8-sbgq

url VCID-fnj3-2du1-4bhx

vulnerability_id VCID-fnj3-2du1-4bhx

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:3558
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3558

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9586

reference_id

reference_type

scores

value	0.00891
scoring_system	epss
scoring_elements	0.75492
published_at	2026-04-01T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.7559
published_at	2026-04-16T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75494
published_at	2026-04-02T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75525
published_at	2026-04-04T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75506
published_at	2026-04-07T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75548
published_at	2026-04-13T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75557
published_at	2026-04-12T12:55:00Z

value	0.00891
scoring_system	epss
scoring_elements	0.75578
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9586

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586

reference_url	https://curl.haxx.se/docs/adv_20161221A.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_20161221A.html

reference_url

https://curl.se/docs/CVE-2016-9586.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-9586.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:N/C:N/I:N/A:P

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16
reference_id
reference_type
scores
url	https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16

reference_url	https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/95019
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/95019

reference_url	http://www.securitytracker.com/id/1037515
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037515

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1406712
reference_id	1406712
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1406712

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958
reference_id	848958
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958

reference_url	https://security.archlinux.org/ASA-201612-22
reference_id	ASA-201612-22
reference_type
scores
url	https://security.archlinux.org/ASA-201612-22

reference_url	https://security.archlinux.org/ASA-201701-10
reference_id	ASA-201701-10
reference_type
scores
url	https://security.archlinux.org/ASA-201701-10

reference_url	https://security.archlinux.org/ASA-201701-11
reference_id	ASA-201701-11
reference_type
scores
url	https://security.archlinux.org/ASA-201701-11

reference_url	https://security.archlinux.org/ASA-201701-7
reference_id	ASA-201701-7
reference_type
scores
url	https://security.archlinux.org/ASA-201701-7

reference_url	https://security.archlinux.org/ASA-201701-8
reference_id	ASA-201701-8
reference_type
scores
url	https://security.archlinux.org/ASA-201701-8

reference_url	https://security.archlinux.org/ASA-201701-9
reference_id	ASA-201701-9
reference_type
scores
url	https://security.archlinux.org/ASA-201701-9

reference_url

https://security.archlinux.org/AVG-112

reference_id

AVG-112

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-112

reference_url

https://security.archlinux.org/AVG-113

reference_id

AVG-113

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-113

reference_url

https://security.archlinux.org/AVG-114

reference_id

AVG-114

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-114

reference_url

https://security.archlinux.org/AVG-115

reference_id

AVG-115

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-115

reference_url

https://security.archlinux.org/AVG-116

reference_id

AVG-116

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-116

reference_url

https://security.archlinux.org/AVG-117

reference_id

AVG-117

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-117

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-9586

reference_id

CVE-2016-9586

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-9586

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3441-1/
reference_id	USN-3441-1
reference_type
scores
url	https://usn.ubuntu.com/3441-1/

reference_url	https://usn.ubuntu.com/3441-2/
reference_id	USN-3441-2
reference_type
scores
url	https://usn.ubuntu.com/3441-2/

fixed_packages

url pkg:generic/curl.se/curl@7.52.0

purl pkg:generic/curl.se/curl@7.52.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-36n6-qanf-nue8

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-hyqp-z8hb-fqbt

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-q3hu-8uy5-e3a4

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0

aliases CVE-2016-9586

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fnj3-2du1-4bhx

url VCID-fp65-97n1-xuaj

vulnerability_id VCID-fp65-97n1-xuaj

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which may allow attackers to bypass intended restrictions.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:3558
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3558

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000100

reference_id

reference_type

scores

value	0.00962
scoring_system	epss
scoring_elements	0.76442
published_at	2026-04-01T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.7654
published_at	2026-04-16T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76447
published_at	2026-04-02T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76475
published_at	2026-04-04T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76457
published_at	2026-04-07T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76489
published_at	2026-04-08T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76501
published_at	2026-04-09T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76527
published_at	2026-04-11T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76506
published_at	2026-04-12T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.765
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000100

reference_url	https://curl.haxx.se/docs/adv_20170809B.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_20170809B.html

reference_url

https://curl.se/docs/CVE-2017-1000100.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-1000100.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:P/I:N/A:N

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://support.apple.com/HT208221
reference_id
reference_type
scores
url	https://support.apple.com/HT208221

reference_url	http://www.debian.org/security/2017/dsa-3992
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3992

reference_url	http://www.securityfocus.com/bid/100286
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/100286

reference_url	http://www.securitytracker.com/id/1039118
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1478310
reference_id	1478310
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1478310

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555
reference_id	871555
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555

reference_url	https://security.archlinux.org/ASA-201708-16
reference_id	ASA-201708-16
reference_type
scores
url	https://security.archlinux.org/ASA-201708-16

reference_url	https://security.archlinux.org/ASA-201710-3
reference_id	ASA-201710-3
reference_type
scores
url	https://security.archlinux.org/ASA-201710-3

reference_url	https://security.archlinux.org/ASA-201710-4
reference_id	ASA-201710-4
reference_type
scores
url	https://security.archlinux.org/ASA-201710-4

reference_url	https://security.archlinux.org/ASA-201710-5
reference_id	ASA-201710-5
reference_type
scores
url	https://security.archlinux.org/ASA-201710-5

reference_url	https://security.archlinux.org/ASA-201710-6
reference_id	ASA-201710-6
reference_type
scores
url	https://security.archlinux.org/ASA-201710-6

reference_url	https://security.archlinux.org/ASA-201710-7
reference_id	ASA-201710-7
reference_type
scores
url	https://security.archlinux.org/ASA-201710-7

reference_url

https://security.archlinux.org/AVG-370

reference_id

AVG-370

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-370

reference_url

reference_id

AVG-371

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-386

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-387

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-388

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-389

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.15.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.16.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.17.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.18.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.19.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.20.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.20.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.21.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.22.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.23.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.23.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.24.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.25.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.26.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.27.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.28.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.28.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.29.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.30.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.37.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.39:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.40.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.41.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.42.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.43.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.44.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.45.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.46.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.47.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.47.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.48.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.49.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.49.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.50.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.51.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.52.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.52.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.53.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.53.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.54.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.54.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:::::::*

106

reference_url

reference_id

CVE-2017-1000100

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000100

107

reference_url	https://security.gentoo.org/glsa/201709-14
reference_id	GLSA-201709-14
reference_type
scores
url	https://security.gentoo.org/glsa/201709-14

108

reference_url	https://usn.ubuntu.com/3441-1/
reference_id	USN-3441-1
reference_type
scores
url	https://usn.ubuntu.com/3441-1/

109

reference_url	https://usn.ubuntu.com/3441-2/
reference_id	USN-3441-2
reference_type
scores
url	https://usn.ubuntu.com/3441-2/

fixed_packages

url pkg:generic/curl.se/curl@7.55.0

purl pkg:generic/curl.se/curl@7.55.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.55.0

aliases CVE-2017-1000100

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fp65-97n1-xuaj

url VCID-ggt7-eejg-xfb6

vulnerability_id VCID-ggt7-eejg-xfb6

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22876

reference_id

reference_type

scores

value	0.00068
scoring_system	epss
scoring_elements	0.20928
published_at	2026-04-01T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20845
published_at	2026-04-07T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20987
published_at	2026-04-09T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20925
published_at	2026-04-08T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21131
published_at	2026-04-04T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21078
published_at	2026-04-02T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21003
published_at	2026-04-11T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30169
published_at	2026-04-16T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30153
published_at	2026-04-13T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30201
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22876

reference_url

https://curl.se/docs/CVE-2021-22876.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Low
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://curl.se/docs/CVE-2021-22876.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1101882

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://hackerone.com/reports/1101882

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1941964
reference_id	1941964
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1941964

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/

reference_id

2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269
reference_id	986269
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269

reference_url

https://security.archlinux.org/AVG-1753

reference_id

AVG-1753

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1753

reference_url

https://security.archlinux.org/AVG-1754

reference_id

AVG-1754

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1754

reference_url

https://security.archlinux.org/AVG-1755

reference_id

AVG-1755

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1755

reference_url

https://security.archlinux.org/AVG-1756

reference_id

AVG-1756

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1756

reference_url

https://security.archlinux.org/AVG-1757

reference_id

AVG-1757

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1757

reference_url

https://security.archlinux.org/AVG-1758

reference_id

AVG-1758

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1758

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-22876
reference_id	CVE-2021-22876
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-22876

reference_url

https://security.gentoo.org/glsa/202105-36

reference_id

GLSA-202105-36

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://security.gentoo.org/glsa/202105-36

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/

reference_id

ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/

reference_id

KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/

reference_url

https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html

reference_id

msg00019.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html

reference_url

https://security.netapp.com/advisory/ntap-20210521-0007/

reference_id

ntap-20210521-0007

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/

url

https://security.netapp.com/advisory/ntap-20210521-0007/

reference_url	https://access.redhat.com/errata/RHSA-2021:2471
reference_id	RHSA-2021:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2471

reference_url	https://access.redhat.com/errata/RHSA-2021:2472
reference_id	RHSA-2021:2472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2472

reference_url	https://access.redhat.com/errata/RHSA-2021:4511
reference_id	RHSA-2021:4511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4511

reference_url	https://access.redhat.com/errata/RHSA-2022:1354
reference_id	RHSA-2022:1354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1354

reference_url	https://usn.ubuntu.com/4898-1/
reference_id	USN-4898-1
reference_type
scores
url	https://usn.ubuntu.com/4898-1/

reference_url	https://usn.ubuntu.com/4903-1/
reference_id	USN-4903-1
reference_type
scores
url	https://usn.ubuntu.com/4903-1/

fixed_packages

url pkg:generic/curl.se/curl@7.76.0

purl pkg:generic/curl.se/curl@7.76.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-38mv-usbe-z7hd

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-d3s1-3qs7-2uhw

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.76.0

aliases CVE-2021-22876

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ggt7-eejg-xfb6

url VCID-gnx2-djyk-uyaf

vulnerability_id VCID-gnx2-djyk-uyaf

summary

Cookie injection with none file
This flaw allows an attacker to insert cookies at will into a running program
using libcurl, if the specific series of conditions are met.

libcurl performs transfers. In its API, an application creates "easy handles"
that are the individual handles for single transfers.

libcurl provides a function call that duplicates en easy handle called
[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).

If a transfer has cookies enabled when the handle is duplicated, the
cookie-enable state is also cloned - but without cloning the actual
cookies. If the source handle does not read any cookies from a specific file on
disk, the cloned version of the handle would instead store the file name as
`none` (using the four ASCII letters, no quotes).

Subsequent use of the cloned handle that does not explicitly set a source to
load cookies from would then inadvertently load cookies from a file named
`none` - if such a file exists and is readable in the current directory of the
program using libcurl. And if using the correct file format of course.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-38546

reference_id

reference_type

scores

value	0.00256
scoring_system	epss
scoring_elements	0.49036
published_at	2026-04-16T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48964
published_at	2026-04-02T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48991
published_at	2026-04-13T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48944
published_at	2026-04-07T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48998
published_at	2026-04-08T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48995
published_at	2026-04-09T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.49012
published_at	2026-04-11T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.48985
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-38546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/2148242
reference_id
reference_type
scores
url	https://hackerone.com/reports/2148242

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2241938
reference_id	2241938
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2241938

reference_url

http://seclists.org/fulldisclosure/2024/Jan/34

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

http://seclists.org/fulldisclosure/2024/Jan/34

reference_url

http://seclists.org/fulldisclosure/2024/Jan/37

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

http://seclists.org/fulldisclosure/2024/Jan/37

reference_url

http://seclists.org/fulldisclosure/2024/Jan/38

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

http://seclists.org/fulldisclosure/2024/Jan/38

reference_url

https://security.archlinux.org/AVG-2845

reference_id

AVG-2845

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2845

reference_url

https://security.archlinux.org/AVG-2846

reference_id

AVG-2846

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2846

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-38546
reference_id	CVE-2023-38546
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-38546

reference_url

https://curl.se/docs/CVE-2023-38546.html

reference_id

CVE-2023-38546.HTML

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://curl.se/docs/CVE-2023-38546.html

reference_url	https://security.gentoo.org/glsa/202310-12
reference_id	GLSA-202310-12
reference_type
scores
url	https://security.gentoo.org/glsa/202310-12

reference_url

https://support.apple.com/kb/HT214036

reference_id

HT214036

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214036

reference_url

https://support.apple.com/kb/HT214057

reference_id

HT214057

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214057

reference_url

https://support.apple.com/kb/HT214058

reference_id

HT214058

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214058

reference_url

https://support.apple.com/kb/HT214063

reference_id

HT214063

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://support.apple.com/kb/HT214063

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/

reference_id

OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/

reference_url	https://access.redhat.com/errata/RHSA-2023:5700
reference_id	RHSA-2023:5700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5700

reference_url	https://access.redhat.com/errata/RHSA-2023:5763
reference_id	RHSA-2023:5763
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5763

reference_url	https://access.redhat.com/errata/RHSA-2023:6292
reference_id	RHSA-2023:6292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6292

reference_url	https://access.redhat.com/errata/RHSA-2023:6745
reference_id	RHSA-2023:6745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6745

reference_url	https://access.redhat.com/errata/RHSA-2023:7540
reference_id	RHSA-2023:7540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7540

reference_url	https://access.redhat.com/errata/RHSA-2023:7625
reference_id	RHSA-2023:7625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7625

reference_url	https://access.redhat.com/errata/RHSA-2023:7626
reference_id	RHSA-2023:7626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7626

reference_url	https://access.redhat.com/errata/RHSA-2024:1601
reference_id	RHSA-2024:1601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1601

reference_url	https://access.redhat.com/errata/RHSA-2024:2092
reference_id	RHSA-2024:2092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2092

reference_url	https://access.redhat.com/errata/RHSA-2024:2093
reference_id	RHSA-2024:2093
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2093

reference_url	https://access.redhat.com/errata/RHSA-2024:2101
reference_id	RHSA-2024:2101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2101

reference_url	https://usn.ubuntu.com/6429-1/
reference_id	USN-6429-1
reference_type
scores
url	https://usn.ubuntu.com/6429-1/

reference_url	https://usn.ubuntu.com/6429-2/
reference_id	USN-6429-2
reference_type
scores
url	https://usn.ubuntu.com/6429-2/

reference_url	https://usn.ubuntu.com/6429-3/
reference_id	USN-6429-3
reference_type
scores
url	https://usn.ubuntu.com/6429-3/

reference_url

https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868

reference_id

viewtopic.php?f=8&t=8868

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/

url

https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868

fixed_packages

url pkg:generic/curl.se/curl@8.4.0

purl pkg:generic/curl.se/curl@8.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0

aliases CVE-2023-38546

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gnx2-djyk-uyaf

url VCID-hj8v-tgnn-mfdw

vulnerability_id VCID-hj8v-tgnn-mfdw

summary The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9953

reference_id

reference_type

scores

value	0.01854
scoring_system	epss
scoring_elements	0.83049
published_at	2026-04-16T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.82946
published_at	2026-04-01T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.82963
published_at	2026-04-02T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.82976
published_at	2026-04-04T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.82973
published_at	2026-04-07T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.82998
published_at	2026-04-08T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.83005
published_at	2026-04-09T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.83021
published_at	2026-04-11T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.83015
published_at	2026-04-12T12:55:00Z

value	0.01854
scoring_system	epss
scoring_elements	0.8301
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9953

reference_url

https://curl.se/docs/CVE-2016-9953.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-9953.html

fixed_packages

url pkg:generic/curl.se/curl@7.52.0

purl pkg:generic/curl.se/curl@7.52.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-36n6-qanf-nue8

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-hyqp-z8hb-fqbt

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-q3hu-8uy5-e3a4

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0

aliases CVE-2016-9953

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hj8v-tgnn-mfdw

url VCID-hudt-78dw-tkf2

vulnerability_id VCID-hudt-78dw-tkf2

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22925

reference_id

reference_type

scores

value	0.00319
scoring_system	epss
scoring_elements	0.5489
published_at	2026-04-01T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.55017
published_at	2026-04-11T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.55005
published_at	2026-04-09T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.55006
published_at	2026-04-08T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54956
published_at	2026-04-07T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5496
published_at	2026-04-02T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54986
published_at	2026-04-04T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62217
published_at	2026-04-16T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62194
published_at	2026-04-12T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62173
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22925

reference_url

https://curl.se/docs/CVE-2021-22925.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22925.html

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1223882
reference_id
reference_type
scores
url	https://hackerone.com/reports/1223882

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1970902
reference_id	1970902
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1970902

reference_url	https://security.archlinux.org/ASA-202107-59
reference_id	ASA-202107-59
reference_type
scores
url	https://security.archlinux.org/ASA-202107-59

reference_url	https://security.archlinux.org/ASA-202107-60
reference_id	ASA-202107-60
reference_type
scores
url	https://security.archlinux.org/ASA-202107-60

reference_url	https://security.archlinux.org/ASA-202107-61
reference_id	ASA-202107-61
reference_type
scores
url	https://security.archlinux.org/ASA-202107-61

reference_url	https://security.archlinux.org/ASA-202107-62
reference_id	ASA-202107-62
reference_type
scores
url	https://security.archlinux.org/ASA-202107-62

reference_url	https://security.archlinux.org/ASA-202107-63
reference_id	ASA-202107-63
reference_type
scores
url	https://security.archlinux.org/ASA-202107-63

reference_url	https://security.archlinux.org/ASA-202107-64
reference_id	ASA-202107-64
reference_type
scores
url	https://security.archlinux.org/ASA-202107-64

reference_url

reference_id

AVG-2194

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2195

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2196

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2197

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2198

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2199

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json

reference_url	https://security.gentoo.org/glsa/202212-01
reference_id	GLSA-202212-01
reference_type
scores
url	https://security.gentoo.org/glsa/202212-01

reference_url	https://access.redhat.com/errata/RHSA-2021:4511
reference_id	RHSA-2021:4511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4511

reference_url	https://usn.ubuntu.com/5021-1/
reference_id	USN-5021-1
reference_type
scores
url	https://usn.ubuntu.com/5021-1/

reference_url	https://usn.ubuntu.com/5021-2/
reference_id	USN-5021-2
reference_type
scores
url	https://usn.ubuntu.com/5021-2/

reference_url	https://usn.ubuntu.com/5894-1/
reference_id	USN-5894-1
reference_type
scores
url	https://usn.ubuntu.com/5894-1/

fixed_packages

url pkg:generic/curl.se/curl@7.78.0

purl pkg:generic/curl.se/curl@7.78.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0

aliases CVE-2021-22925

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hudt-78dw-tkf2

url VCID-j2qx-np45-4qdu

vulnerability_id VCID-j2qx-np45-4qdu

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:2486
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2486

reference_url	https://access.redhat.com/errata/RHSA-2018:3558
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3558

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000257

reference_id

reference_type

scores

value	0.00875
scoring_system	epss
scoring_elements	0.75327
published_at	2026-04-16T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76996
published_at	2026-04-12T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.77017
published_at	2026-04-11T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76991
published_at	2026-04-13T12:55:00Z

value	0.0109
scoring_system	epss
scoring_elements	0.77876
published_at	2026-04-01T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80553
published_at	2026-04-04T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80545
published_at	2026-04-07T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80531
published_at	2026-04-02T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80584
published_at	2026-04-09T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80574
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000257

reference_url	https://curl.haxx.se/docs/adv_20171023.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_20171023.html

reference_url

https://curl.se/docs/CVE-2017-1000257.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-1000257.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:P/A:P

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2017/dsa-4007
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-4007

reference_url	http://www.securityfocus.com/bid/101519
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101519

reference_url	http://www.securitytracker.com/id/1039644
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039644

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1503705
reference_id	1503705
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1503705

reference_url	https://security.archlinux.org/ASA-201711-10
reference_id	ASA-201711-10
reference_type
scores
url	https://security.archlinux.org/ASA-201711-10

reference_url	https://security.archlinux.org/ASA-201711-11
reference_id	ASA-201711-11
reference_type
scores
url	https://security.archlinux.org/ASA-201711-11

reference_url	https://security.archlinux.org/ASA-201711-6
reference_id	ASA-201711-6
reference_type
scores
url	https://security.archlinux.org/ASA-201711-6

reference_url	https://security.archlinux.org/ASA-201711-7
reference_id	ASA-201711-7
reference_type
scores
url	https://security.archlinux.org/ASA-201711-7

reference_url	https://security.archlinux.org/ASA-201711-8
reference_id	ASA-201711-8
reference_type
scores
url	https://security.archlinux.org/ASA-201711-8

reference_url	https://security.archlinux.org/ASA-201711-9
reference_id	ASA-201711-9
reference_type
scores
url	https://security.archlinux.org/ASA-201711-9

reference_url

https://security.archlinux.org/AVG-462

reference_id

AVG-462

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-462

reference_url

https://security.archlinux.org/AVG-463

reference_id

AVG-463

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-463

reference_url

https://security.archlinux.org/AVG-464

reference_id

AVG-464

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-464

reference_url

https://security.archlinux.org/AVG-465

reference_id

AVG-465

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-465

reference_url

https://security.archlinux.org/AVG-466

reference_id

AVG-466

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-466

reference_url

https://security.archlinux.org/AVG-467

reference_id

AVG-467

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-467

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl::::::::
reference_id	cpe:2.3:a:haxx:libcurl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000257

reference_id

CVE-2017-1000257

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000257

reference_url	https://security.gentoo.org/glsa/201712-04
reference_id	GLSA-201712-04
reference_type
scores
url	https://security.gentoo.org/glsa/201712-04

reference_url	https://access.redhat.com/errata/RHSA-2017:3263
reference_id	RHSA-2017:3263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3263

reference_url	https://usn.ubuntu.com/3441-2/
reference_id	USN-3441-2
reference_type
scores
url	https://usn.ubuntu.com/3441-2/

reference_url	https://usn.ubuntu.com/3457-1/
reference_id	USN-3457-1
reference_type
scores
url	https://usn.ubuntu.com/3457-1/

fixed_packages

url pkg:generic/curl.se/curl@7.56.1

purl pkg:generic/curl.se/curl@7.56.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-drkp-q9r5-ukcm

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.56.1

aliases CVE-2017-1000257

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2qx-np45-4qdu

url VCID-jeqg-g3en-5udw

vulnerability_id VCID-jeqg-g3en-5udw

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5420

reference_id

reference_type

scores

value	0.01086
scoring_system	epss
scoring_elements	0.77847
published_at	2026-04-01T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77944
published_at	2026-04-16T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77907
published_at	2026-04-12T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77906
published_at	2026-04-13T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77854
published_at	2026-04-02T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77882
published_at	2026-04-04T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77864
published_at	2026-04-07T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77891
published_at	2026-04-08T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77896
published_at	2026-04-09T12:55:00Z

value	0.01086
scoring_system	epss
scoring_elements	0.77923
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5420

reference_url

https://curl.se/docs/CVE-2016-5420.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-5420.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5421

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1362190
reference_id	1362190
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1362190

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2016:2575
reference_id	RHSA-2016:2575
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2575

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/3048-1/
reference_id	USN-3048-1
reference_type
scores
url	https://usn.ubuntu.com/3048-1/

fixed_packages

url pkg:generic/curl.se/curl@7.50.1

purl pkg:generic/curl.se/curl@7.50.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.1

aliases CVE-2016-5420

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jeqg-g3en-5udw

url VCID-jqqf-gmd3-ubcd

vulnerability_id VCID-jqqf-gmd3-ubcd

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8621

reference_id

reference_type

scores

value	0.0226
scoring_system	epss
scoring_elements	0.84539
published_at	2026-04-01T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84638
published_at	2026-04-16T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84555
published_at	2026-04-02T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84576
published_at	2026-04-04T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.8458
published_at	2026-04-07T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84601
published_at	2026-04-08T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84608
published_at	2026-04-09T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84627
published_at	2026-04-11T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84622
published_at	2026-04-12T12:55:00Z

value	0.0226
scoring_system	epss
scoring_elements	0.84617
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8621

reference_url

https://curl.se/docs/CVE-2016-8621.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8621.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388385
reference_id	1388385
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388385

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8621

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqqf-gmd3-ubcd

url VCID-jtw4-af4y-nkbk

vulnerability_id VCID-jtw4-af4y-nkbk

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8619

reference_id

reference_type

scores

value	0.02935
scoring_system	epss
scoring_elements	0.86359
published_at	2026-04-01T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86441
published_at	2026-04-16T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8637
published_at	2026-04-02T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86387
published_at	2026-04-04T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-07T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86408
published_at	2026-04-08T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86418
published_at	2026-04-09T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86432
published_at	2026-04-11T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8643
published_at	2026-04-12T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86425
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8619

reference_url

https://curl.se/docs/CVE-2016-8619.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8619.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388379
reference_id	1388379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388379

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8619

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtw4-af4y-nkbk

url VCID-ju6h-a1sz-f7e5

vulnerability_id VCID-ju6h-a1sz-f7e5

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in information disclosure or data loss.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8285

reference_id

reference_type

scores

value	0.00742
scoring_system	epss
scoring_elements	0.7291
published_at	2026-04-01T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.73008
published_at	2026-04-16T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72994
published_at	2026-04-11T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72973
published_at	2026-04-12T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72967
published_at	2026-04-13T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72922
published_at	2026-04-02T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72942
published_at	2026-04-04T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72917
published_at	2026-04-07T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72955
published_at	2026-04-08T12:55:00Z

value	0.00742
scoring_system	epss
scoring_elements	0.72968
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8285

reference_url

https://curl.se/docs/CVE-2020-8285.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2020-8285.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1045844
reference_id
reference_type
scores
url	https://hackerone.com/reports/1045844

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1902687
reference_id	1902687
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1902687

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162
reference_id	977162
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162

reference_url

reference_id

AVG-1337

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-8285
reference_id	CVE-2020-8285
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-8285

reference_url	https://security.gentoo.org/glsa/202012-14
reference_id	GLSA-202012-14
reference_type
scores
url	https://security.gentoo.org/glsa/202012-14

reference_url	https://access.redhat.com/errata/RHSA-2021:1610
reference_id	RHSA-2021:1610
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1610

reference_url	https://access.redhat.com/errata/RHSA-2021:2471
reference_id	RHSA-2021:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2471

reference_url	https://access.redhat.com/errata/RHSA-2021:2472
reference_id	RHSA-2021:2472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2472

reference_url	https://usn.ubuntu.com/4665-1/
reference_id	USN-4665-1
reference_type
scores
url	https://usn.ubuntu.com/4665-1/

reference_url	https://usn.ubuntu.com/4665-2/
reference_id	USN-4665-2
reference_type
scores
url	https://usn.ubuntu.com/4665-2/

fixed_packages

url pkg:generic/curl.se/curl@7.74.0

purl pkg:generic/curl.se/curl@7.74.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-d3s1-3qs7-2uhw

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-frgg-29yv-dyf7

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0

aliases CVE-2020-8285

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ju6h-a1sz-f7e5

url VCID-k8kj-q1je-f7bt

vulnerability_id VCID-k8kj-q1je-f7bt

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-7167

reference_id

reference_type

scores

value	0.02289
scoring_system	epss
scoring_elements	0.84631
published_at	2026-04-01T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84726
published_at	2026-04-16T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84696
published_at	2026-04-09T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84715
published_at	2026-04-11T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.8471
published_at	2026-04-12T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84704
published_at	2026-04-13T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84646
published_at	2026-04-02T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84666
published_at	2026-04-04T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84667
published_at	2026-04-07T12:55:00Z

value	0.02289
scoring_system	epss
scoring_elements	0.84689
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-7167

reference_url

https://curl.se/docs/CVE-2016-7167.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-7167.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1375906
reference_id	1375906
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1375906

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945
reference_id	837945
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945

reference_url	https://security.archlinux.org/ASA-201609-18
reference_id	ASA-201609-18
reference_type
scores
url	https://security.archlinux.org/ASA-201609-18

reference_url	https://security.archlinux.org/ASA-201609-19
reference_id	ASA-201609-19
reference_type
scores
url	https://security.archlinux.org/ASA-201609-19

reference_url

https://security.archlinux.org/AVG-20

reference_id

AVG-20

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-20

reference_url

https://security.archlinux.org/AVG-21

reference_id

AVG-21

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-21

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://access.redhat.com/errata/RHSA-2017:2016
reference_id	RHSA-2017:2016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2016

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.50.3

purl pkg:generic/curl.se/curl@7.50.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.3

aliases CVE-2016-7167

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k8kj-q1je-f7bt

url VCID-ma8s-he6x-z7a8

vulnerability_id VCID-ma8s-he6x-z7a8

summary curl and libcurl 7.27.0 through 7.35.0, when running on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-2522

reference_id

reference_type

scores

value	0.00292
scoring_system	epss
scoring_elements	0.52599
published_at	2026-04-16T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52452
published_at	2026-04-01T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52498
published_at	2026-04-02T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52525
published_at	2026-04-04T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52491
published_at	2026-04-07T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52544
published_at	2026-04-08T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52539
published_at	2026-04-09T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.5259
published_at	2026-04-11T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52574
published_at	2026-04-12T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52559
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2522

reference_url

https://curl.se/docs/CVE-2014-2522.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-2522.html

fixed_packages

url pkg:generic/curl.se/curl@7.36.0

purl pkg:generic/curl.se/curl@7.36.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.36.0

aliases CVE-2014-2522

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ma8s-he6x-z7a8

url VCID-mkyr-w79c-qqfz

vulnerability_id VCID-mkyr-w79c-qqfz

summary curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-14017

reference_id

reference_type

scores

value	7e-05
scoring_system	epss
scoring_elements	0.00579
published_at	2026-04-16T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00593
published_at	2026-04-08T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00595
published_at	2026-04-07T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00587
published_at	2026-04-09T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00586
published_at	2026-04-11T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00582
published_at	2026-04-12T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00583
published_at	2026-04-13T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.006
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-14017

reference_url

https://curl.se/docs/CVE-2025-14017.html

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Medium
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/

url

https://curl.se/docs/CVE-2025-14017.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2427870
reference_id	2427870
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2427870

reference_url

https://curl.se/docs/CVE-2025-14017.json

reference_id

CVE-2025-14017.json

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/

url

https://curl.se/docs/CVE-2025-14017.json

reference_url	https://usn.ubuntu.com/8062-1/
reference_id	USN-8062-1
reference_type
scores
url	https://usn.ubuntu.com/8062-1/

reference_url	https://usn.ubuntu.com/8062-2/
reference_id	USN-8062-2
reference_type
scores
url	https://usn.ubuntu.com/8062-2/

fixed_packages

url pkg:generic/curl.se/curl@8.18.0

purl pkg:generic/curl.se/curl@8.18.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-amgy-dw6h-6ydf

vulnerability	VCID-etzn-uhck-h7b2

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0

aliases CVE-2025-14017

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyr-w79c-qqfz

url VCID-ms2r-94ph-yyh3

vulnerability_id VCID-ms2r-94ph-yyh3

summary

Improper Authentication
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-27536

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01282
published_at	2026-04-16T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01285
published_at	2026-04-02T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.0129
published_at	2026-04-04T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01301
published_at	2026-04-07T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01306
published_at	2026-04-08T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.0131
published_at	2026-04-09T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01294
published_at	2026-04-11T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01288
published_at	2026-04-12T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01291
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-27536

reference_url

https://curl.se/docs/CVE-2023-27536.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-27536.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1895135

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/

url

https://hackerone.com/reports/1895135

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2179092
reference_id	2179092
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2179092

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_id

36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-27536
reference_id	CVE-2023-27536
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-27536

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

reference_id

msg00025.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20230420-0010/

reference_id

ntap-20230420-0010

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/

url

https://security.netapp.com/advisory/ntap-20230420-0010/

reference_url	https://access.redhat.com/errata/RHSA-2023:4523
reference_id	RHSA-2023:4523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4523

reference_url	https://access.redhat.com/errata/RHSA-2023:6679
reference_id	RHSA-2023:6679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6679

reference_url	https://access.redhat.com/errata/RHSA-2024:0428
reference_id	RHSA-2024:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0428

reference_url	https://usn.ubuntu.com/5964-1/
reference_id	USN-5964-1
reference_type
scores
url	https://usn.ubuntu.com/5964-1/

reference_url	https://usn.ubuntu.com/5964-2/
reference_id	USN-5964-2
reference_type
scores
url	https://usn.ubuntu.com/5964-2/

fixed_packages

url pkg:generic/curl.se/curl@8.0.0

purl pkg:generic/curl.se/curl@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0

aliases CVE-2023-27536

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms2r-94ph-yyh3

url VCID-ph5u-5j8n-4qah

vulnerability_id VCID-ph5u-5j8n-4qah

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22898

reference_id

reference_type

scores

value	0.00126
scoring_system	epss
scoring_elements	0.31806
published_at	2026-04-01T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.3184
published_at	2026-04-16T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31935
published_at	2026-04-02T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31977
published_at	2026-04-04T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31797
published_at	2026-04-07T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31849
published_at	2026-04-08T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31879
published_at	2026-04-09T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31882
published_at	2026-04-11T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31843
published_at	2026-04-12T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31808
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22898

reference_url

https://curl.se/docs/CVE-2021-22898.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22898.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1176461
reference_id
reference_type
scores
url	https://hackerone.com/reports/1176461

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1964887
reference_id	1964887
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1964887

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228
reference_id	989228
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228

reference_url	https://security.archlinux.org/ASA-202106-4
reference_id	ASA-202106-4
reference_type
scores
url	https://security.archlinux.org/ASA-202106-4

reference_url	https://security.archlinux.org/ASA-202106-5
reference_id	ASA-202106-5
reference_type
scores
url	https://security.archlinux.org/ASA-202106-5

reference_url	https://security.archlinux.org/ASA-202106-6
reference_id	ASA-202106-6
reference_type
scores
url	https://security.archlinux.org/ASA-202106-6

reference_url	https://security.archlinux.org/ASA-202106-7
reference_id	ASA-202106-7
reference_type
scores
url	https://security.archlinux.org/ASA-202106-7

reference_url	https://security.archlinux.org/ASA-202106-8
reference_id	ASA-202106-8
reference_type
scores
url	https://security.archlinux.org/ASA-202106-8

reference_url	https://security.archlinux.org/ASA-202106-9
reference_id	ASA-202106-9
reference_type
scores
url	https://security.archlinux.org/ASA-202106-9

reference_url

https://security.archlinux.org/AVG-1995

reference_id

AVG-1995

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1995

reference_url

https://security.archlinux.org/AVG-1996

reference_id

AVG-1996

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1996

reference_url

https://security.archlinux.org/AVG-1997

reference_id

AVG-1997

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1997

reference_url

https://security.archlinux.org/AVG-1998

reference_id

AVG-1998

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1998

reference_url

https://security.archlinux.org/AVG-1999

reference_id

AVG-1999

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1999

reference_url

https://security.archlinux.org/AVG-2000

reference_id

AVG-2000

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2000

reference_url	https://security.gentoo.org/glsa/202105-36
reference_id	GLSA-202105-36
reference_type
scores
url	https://security.gentoo.org/glsa/202105-36

reference_url	https://access.redhat.com/errata/RHSA-2021:4511
reference_id	RHSA-2021:4511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4511

reference_url	https://usn.ubuntu.com/5021-1/
reference_id	USN-5021-1
reference_type
scores
url	https://usn.ubuntu.com/5021-1/

reference_url	https://usn.ubuntu.com/5021-2/
reference_id	USN-5021-2
reference_type
scores
url	https://usn.ubuntu.com/5021-2/

reference_url	https://usn.ubuntu.com/5894-1/
reference_id	USN-5894-1
reference_type
scores
url	https://usn.ubuntu.com/5894-1/

fixed_packages

url pkg:generic/curl.se/curl@7.77.0

purl pkg:generic/curl.se/curl@7.77.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.77.0

aliases CVE-2021-22898

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ph5u-5j8n-4qah

url VCID-qbpd-star-6fgn

vulnerability_id VCID-qbpd-star-6fgn

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22923

reference_id

reference_type

scores

value	0.00092
scoring_system	epss
scoring_elements	0.25873
published_at	2026-04-01T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25784
published_at	2026-04-16T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25937
published_at	2026-04-02T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25978
published_at	2026-04-04T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25745
published_at	2026-04-07T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25816
published_at	2026-04-08T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25868
published_at	2026-04-09T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25879
published_at	2026-04-11T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25838
published_at	2026-04-12T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25782
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22923

reference_url

https://curl.se/docs/CVE-2021-22923.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22923.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1213181

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/

url

https://hackerone.com/reports/1213181

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1981438
reference_id	1981438
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1981438

reference_url	https://security.archlinux.org/ASA-202107-59
reference_id	ASA-202107-59
reference_type
scores
url	https://security.archlinux.org/ASA-202107-59

reference_url

reference_id

AVG-2194

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/

reference_url

reference_id

FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/

url

https://security.netapp.com/advisory/ntap-20210902-0003/

reference_url

reference_id

ntap-20210902-0003

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/

url

https://security.netapp.com/advisory/ntap-20210902-0003/

reference_url	https://access.redhat.com/errata/RHSA-2021:3582
reference_id	RHSA-2021:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3582

reference_url	https://access.redhat.com/errata/RHSA-2021:3903
reference_id	RHSA-2021:3903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3903

fixed_packages

url pkg:generic/curl.se/curl@7.78.0

purl pkg:generic/curl.se/curl@7.78.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0

aliases CVE-2021-22923

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbpd-star-6fgn

url VCID-r7bh-7wur-xffs

vulnerability_id VCID-r7bh-7wur-xffs

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27776

reference_id

reference_type

scores

value	0.00682
scoring_system	epss
scoring_elements	0.71649
published_at	2026-04-16T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71574
published_at	2026-04-02T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71592
published_at	2026-04-04T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71565
published_at	2026-04-07T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71605
published_at	2026-04-08T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71616
published_at	2026-04-09T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71639
published_at	2026-04-11T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71623
published_at	2026-04-12T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.71604
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27776

reference_url

https://curl.se/docs/CVE-2022-27776.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-27776.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1547048

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://hackerone.com/reports/1547048

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252
reference_id	1010252
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2078408
reference_id	2078408
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2078408

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/

reference_id

7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/

reference_url

reference_id

AVG-2685

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/

reference_url

reference_id

DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/

reference_url

reference_id

dsa-5197

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_url

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_url

https://security.netapp.com/advisory/ntap-20220609-0008/

reference_id

ntap-20220609-0008

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/

url

https://security.netapp.com/advisory/ntap-20220609-0008/

reference_url	https://access.redhat.com/errata/RHSA-2022:5245
reference_id	RHSA-2022:5245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5245

reference_url	https://access.redhat.com/errata/RHSA-2022:5313
reference_id	RHSA-2022:5313
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5313

reference_url	https://usn.ubuntu.com/5397-1/
reference_id	USN-5397-1
reference_type
scores
url	https://usn.ubuntu.com/5397-1/

fixed_packages

url pkg:generic/curl.se/curl@7.83.0

purl pkg:generic/curl.se/curl@7.83.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6ge5-86tg-dydf

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hjkx-6yep-mkde

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-rhxh-77pj-1bfy

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v9n1-d6xt-6ubn

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0

aliases CVE-2022-27776

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7bh-7wur-xffs

url VCID-rmez-cwu2-2ya7

vulnerability_id VCID-rmez-cwu2-2ya7

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in information disclosure or data loss.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8284

reference_id

reference_type

scores

value	0.00104
scoring_system	epss
scoring_elements	0.28391
published_at	2026-04-01T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28321
published_at	2026-04-16T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28411
published_at	2026-04-11T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28368
published_at	2026-04-12T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.2831
published_at	2026-04-13T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28466
published_at	2026-04-02T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28508
published_at	2026-04-04T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28299
published_at	2026-04-07T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28364
published_at	2026-04-08T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28408
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8284

reference_url

https://curl.se/docs/CVE-2020-8284.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2020-8284.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1040166
reference_id
reference_type
scores
url	https://hackerone.com/reports/1040166

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1902667
reference_id	1902667
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1902667

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163
reference_id	977163
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163

reference_url

reference_id

AVG-1337

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json

reference_url	https://security.gentoo.org/glsa/202012-14
reference_id	GLSA-202012-14
reference_type
scores
url	https://security.gentoo.org/glsa/202012-14

reference_url	https://access.redhat.com/errata/RHSA-2021:1610
reference_id	RHSA-2021:1610
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1610

reference_url	https://access.redhat.com/errata/RHSA-2021:2471
reference_id	RHSA-2021:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2471

reference_url	https://access.redhat.com/errata/RHSA-2021:2472
reference_id	RHSA-2021:2472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2472

reference_url	https://usn.ubuntu.com/4665-1/
reference_id	USN-4665-1
reference_type
scores
url	https://usn.ubuntu.com/4665-1/

reference_url	https://usn.ubuntu.com/4665-2/
reference_id	USN-4665-2
reference_type
scores
url	https://usn.ubuntu.com/4665-2/

fixed_packages

url pkg:generic/curl.se/curl@7.74.0

purl pkg:generic/curl.se/curl@7.74.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-d3s1-3qs7-2uhw

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-frgg-29yv-dyf7

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0

aliases CVE-2020-8284

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rmez-cwu2-2ya7

url VCID-s73y-y7v7-43cm

vulnerability_id VCID-s73y-y7v7-43cm

summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28322

reference_id

reference_type

scores

value	0.00631
scoring_system	epss
scoring_elements	0.70331
published_at	2026-04-16T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70238
published_at	2026-04-02T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70255
published_at	2026-04-04T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70232
published_at	2026-04-07T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70278
published_at	2026-04-08T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70294
published_at	2026-04-09T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70317
published_at	2026-04-11T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70302
published_at	2026-04-12T12:55:00Z

value	0.00631
scoring_system	epss
scoring_elements	0.70289
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28322

reference_url

https://curl.se/docs/CVE-2023-28322.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-28322.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1954658

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://hackerone.com/reports/1954658

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239
reference_id	1036239
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2196793
reference_id	2196793
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2196793

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/

reference_url

reference_id

F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/

reference_url

reference_id

GLSA-202310-12

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

reference_url

reference_id

HT213843

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

reference_url

reference_id

HT213844

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

reference_url

reference_id

HT213845

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html

reference_url

reference_id

msg00015.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html

reference_url

https://security.netapp.com/advisory/ntap-20230609-0009/

reference_id

ntap-20230609-0009

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://security.netapp.com/advisory/ntap-20230609-0009/

reference_url	https://access.redhat.com/errata/RHSA-2023:4354
reference_id	RHSA-2023:4354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4354

reference_url	https://access.redhat.com/errata/RHSA-2023:4628
reference_id	RHSA-2023:4628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4628

reference_url	https://access.redhat.com/errata/RHSA-2023:4629
reference_id	RHSA-2023:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4629

reference_url	https://access.redhat.com/errata/RHSA-2023:5598
reference_id	RHSA-2023:5598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5598

reference_url	https://access.redhat.com/errata/RHSA-2024:0428
reference_id	RHSA-2024:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0428

reference_url	https://access.redhat.com/errata/RHSA-2024:0585
reference_id	RHSA-2024:0585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0585

reference_url	https://access.redhat.com/errata/RHSA-2024:1601
reference_id	RHSA-2024:1601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1601

reference_url	https://access.redhat.com/errata/RHSA-2024:2092
reference_id	RHSA-2024:2092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2092

reference_url	https://access.redhat.com/errata/RHSA-2024:2093
reference_id	RHSA-2024:2093
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2093

reference_url	https://usn.ubuntu.com/6237-1/
reference_id	USN-6237-1
reference_type
scores
url	https://usn.ubuntu.com/6237-1/

reference_url	https://usn.ubuntu.com/6237-3/
reference_id	USN-6237-3
reference_type
scores
url	https://usn.ubuntu.com/6237-3/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/

reference_id

Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/

fixed_packages

url pkg:generic/curl.se/curl@8.1.0

purl pkg:generic/curl.se/curl@8.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0

aliases CVE-2023-28322

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s73y-y7v7-43cm

url VCID-sh5a-fmna-wffr

vulnerability_id VCID-sh5a-fmna-wffr

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22946

reference_id

reference_type

scores

value	0.00078
scoring_system	epss
scoring_elements	0.23143
published_at	2026-04-01T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.2322
published_at	2026-04-16T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23322
published_at	2026-04-02T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23365
published_at	2026-04-04T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23154
published_at	2026-04-07T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23227
published_at	2026-04-08T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23277
published_at	2026-04-09T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23299
published_at	2026-04-11T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23261
published_at	2026-04-12T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23204
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22946

reference_url

https://curl.se/docs/CVE-2021-22946.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22946.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1334111
reference_id
reference_type
scores
url	https://hackerone.com/reports/1334111

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589
reference_id	1017589
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2003175
reference_id	2003175
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2003175

reference_url

reference_id

AVG-2384

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2385

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2386

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2387

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2388

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2389

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3613

reference_url	https://security.gentoo.org/glsa/202212-01
reference_id	GLSA-202212-01
reference_type
scores
url	https://security.gentoo.org/glsa/202212-01

reference_url	https://access.redhat.com/errata/RHSA-2021:4059
reference_id	RHSA-2021:4059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4059

reference_url	https://access.redhat.com/errata/RHSA-2022:0635
reference_id	RHSA-2022:0635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0635

reference_url	https://access.redhat.com/errata/RHSA-2022:1354
reference_id	RHSA-2022:1354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1354

reference_url	https://usn.ubuntu.com/5079-1/
reference_id	USN-5079-1
reference_type
scores
url	https://usn.ubuntu.com/5079-1/

reference_url	https://usn.ubuntu.com/5079-2/
reference_id	USN-5079-2
reference_type
scores
url	https://usn.ubuntu.com/5079-2/

fixed_packages

url pkg:generic/curl.se/curl@7.79.0

purl pkg:generic/curl.se/curl@7.79.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0

aliases CVE-2021-22946

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sh5a-fmna-wffr

url VCID-sknq-8mm1-6qfe

vulnerability_id VCID-sknq-8mm1-6qfe

summary security update

references

reference_url	http://curl.haxx.se/docs/adv_20140910A.html
reference_id
reference_type
scores
url	http://curl.haxx.se/docs/adv_20140910A.html

reference_url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
reference_id
reference_type
scores
url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743

reference_url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1254.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1254.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json

reference_url

reference_id

reference_type

scores

value	0.0182
scoring_system	epss
scoring_elements	0.82903
published_at	2026-04-16T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82864
published_at	2026-04-13T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82801
published_at	2026-04-01T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82817
published_at	2026-04-02T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.8283
published_at	2026-04-04T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82826
published_at	2026-04-07T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82851
published_at	2026-04-08T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82858
published_at	2026-04-09T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82874
published_at	2026-04-11T12:55:00Z

value	0.0182
scoring_system	epss
scoring_elements	0.82868
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3613

reference_url

https://curl.se/docs/CVE-2014-3613.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-3613.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613

reference_url	https://support.apple.com/kb/HT205031
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT205031

reference_url	http://www.debian.org/security/2014/dsa-3022
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3022

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/69748
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/69748

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1136154
reference_id	1136154
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1136154

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.31.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.32.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.33.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.33.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.33.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.34.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.34.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.34.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.35.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.36.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:::::::*
reference_id	cpe:2.3:a:haxx:curl:7.37.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl::::::::
reference_id	cpe:2.3:a:haxx:libcurl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.33.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.34.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.35.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.36.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_id	cpe:2.3:a:haxx:libcurl:7.37.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3613

reference_id

CVE-2014-3613

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3613

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

reference_url	https://usn.ubuntu.com/2346-1/
reference_id	USN-2346-1
reference_type
scores
url	https://usn.ubuntu.com/2346-1/

fixed_packages

url pkg:generic/curl.se/curl@7.38.0

purl pkg:generic/curl.se/curl@7.38.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qka4-jfdb-w3d5

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.38.0

aliases CVE-2014-3613

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sknq-8mm1-6qfe

url VCID-snaz-pg1h-8kew

vulnerability_id VCID-snaz-pg1h-8kew

summary cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.

references

reference_url	http://curl.haxx.se/docs/adv_20160127B.html
reference_id
reference_type
scores
url	http://curl.haxx.se/docs/adv_20160127B.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0754

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57561
published_at	2026-04-16T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57555
published_at	2026-04-12T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57533
published_at	2026-04-13T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57423
published_at	2026-04-01T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57507
published_at	2026-04-02T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57528
published_at	2026-04-04T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57504
published_at	2026-04-07T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57556
published_at	2026-04-08T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.5756
published_at	2026-04-09T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57575
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0754

reference_url

https://curl.se/docs/CVE-2016-0754.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-0754.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0754

reference_id

CVE-2016-0754

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0754

fixed_packages

url pkg:generic/curl.se/curl@7.47.0

purl pkg:generic/curl.se/curl@7.47.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.47.0

aliases CVE-2016-0754

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snaz-pg1h-8kew

url VCID-syz5-5y6f-s7er

vulnerability_id VCID-syz5-5y6f-s7er

summary Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-27534

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.19882
published_at	2026-04-16T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19963
published_at	2026-04-12T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19904
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20068
published_at	2026-04-02T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20126
published_at	2026-04-04T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19854
published_at	2026-04-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19933
published_at	2026-04-08T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19988
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20007
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-27534

reference_url

https://curl.se/docs/CVE-2023-27534.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2023-27534.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1892351
reference_id
reference_type
scores
url	https://hackerone.com/reports/1892351

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2179069
reference_id	2179069
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2179069

reference_url	https://security.gentoo.org/glsa/202310-12
reference_id	GLSA-202310-12
reference_type
scores
url	https://security.gentoo.org/glsa/202310-12

reference_url	https://access.redhat.com/errata/RHSA-2023:3354
reference_id	RHSA-2023:3354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3354

reference_url	https://access.redhat.com/errata/RHSA-2023:3355
reference_id	RHSA-2023:3355
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3355

reference_url	https://access.redhat.com/errata/RHSA-2023:6679
reference_id	RHSA-2023:6679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6679

reference_url	https://usn.ubuntu.com/5964-1/
reference_id	USN-5964-1
reference_type
scores
url	https://usn.ubuntu.com/5964-1/

fixed_packages

url pkg:generic/curl.se/curl@8.0.0

purl pkg:generic/curl.se/curl@8.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-5xp7-mcsa-uqd4

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-tha5-fv3w-sub6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0

aliases CVE-2023-27534

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-syz5-5y6f-s7er

url VCID-t4gn-9fw8-gkc3

vulnerability_id VCID-t4gn-9fw8-gkc3

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22947

reference_id

reference_type

scores

value	0.00253
scoring_system	epss
scoring_elements	0.486
published_at	2026-04-01T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48718
published_at	2026-04-16T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48641
published_at	2026-04-02T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48662
published_at	2026-04-04T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48614
published_at	2026-04-07T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48668
published_at	2026-04-08T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48665
published_at	2026-04-09T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48683
published_at	2026-04-11T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48657
published_at	2026-04-12T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48669
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22947

reference_url

https://curl.se/docs/CVE-2021-22947.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22947.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1334763
reference_id
reference_type
scores
url	https://hackerone.com/reports/1334763

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2003191
reference_id	2003191
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2003191

reference_url

reference_id

AVG-2384

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2385

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2386

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2387

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2388

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2389

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3148

reference_url	https://security.gentoo.org/glsa/202212-01
reference_id	GLSA-202212-01
reference_type
scores
url	https://security.gentoo.org/glsa/202212-01

reference_url	https://access.redhat.com/errata/RHSA-2021:4059
reference_id	RHSA-2021:4059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4059

reference_url	https://access.redhat.com/errata/RHSA-2022:0635
reference_id	RHSA-2022:0635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0635

reference_url	https://access.redhat.com/errata/RHSA-2022:1354
reference_id	RHSA-2022:1354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1354

reference_url	https://usn.ubuntu.com/5079-1/
reference_id	USN-5079-1
reference_type
scores
url	https://usn.ubuntu.com/5079-1/

reference_url	https://usn.ubuntu.com/5079-2/
reference_id	USN-5079-2
reference_type
scores
url	https://usn.ubuntu.com/5079-2/

fixed_packages

url pkg:generic/curl.se/curl@7.79.0

purl pkg:generic/curl.se/curl@7.79.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0

aliases CVE-2021-22947

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4gn-9fw8-gkc3

url VCID-tmv3-fzje-sbck

vulnerability_id VCID-tmv3-fzje-sbck

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which can allow remote attackers to cause Denial of Service condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json

reference_url

reference_id

reference_type

scores

value	0.01686
scoring_system	epss
scoring_elements	0.82244
published_at	2026-04-16T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82137
published_at	2026-04-01T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.8215
published_at	2026-04-02T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82172
published_at	2026-04-04T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82168
published_at	2026-04-07T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82195
published_at	2026-04-08T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82202
published_at	2026-04-09T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82221
published_at	2026-04-11T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82214
published_at	2026-04-12T12:55:00Z

value	0.01686
scoring_system	epss
scoring_elements	0.82208
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3148

reference_url

https://curl.se/docs/CVE-2015-3148.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2015-3148.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1213351
reference_id	1213351
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1213351

reference_url	https://security.gentoo.org/glsa/201509-02
reference_id	GLSA-201509-02
reference_type
scores
url	https://security.gentoo.org/glsa/201509-02

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

reference_url	https://usn.ubuntu.com/2591-1/
reference_id	USN-2591-1
reference_type
scores
url	https://usn.ubuntu.com/2591-1/

fixed_packages

url pkg:generic/curl.se/curl@7.42.0

purl pkg:generic/curl.se/curl@7.42.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r447-deb8-2ydj

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yubp-g4rt-c3e6

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.42.0

aliases CVE-2015-3148

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tmv3-fzje-sbck

url VCID-tz47-j4ey-t7g6

vulnerability_id VCID-tz47-j4ey-t7g6

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14618

reference_id

reference_type

scores

value	0.00493
scoring_system	epss
scoring_elements	0.65733
published_at	2026-04-16T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65698
published_at	2026-04-13T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.69387
published_at	2026-04-01T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.69398
published_at	2026-04-02T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.69414
published_at	2026-04-04T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.69393
published_at	2026-04-07T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.69444
published_at	2026-04-08T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.6946
published_at	2026-04-09T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.69481
published_at	2026-04-11T12:55:00Z

value	0.006
scoring_system	epss
scoring_elements	0.69466
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14618

reference_url

https://curl.se/docs/CVE-2018-14618.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2018-14618.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1622707
reference_id	1622707
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1622707

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327
reference_id	908327
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327

reference_url	https://security.gentoo.org/glsa/201903-03
reference_id	GLSA-201903-03
reference_type
scores
url	https://security.gentoo.org/glsa/201903-03

reference_url	https://access.redhat.com/errata/RHSA-2019:1880
reference_id	RHSA-2019:1880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1880

reference_url	https://usn.ubuntu.com/3765-1/
reference_id	USN-3765-1
reference_type
scores
url	https://usn.ubuntu.com/3765-1/

reference_url	https://usn.ubuntu.com/3765-2/
reference_id	USN-3765-2
reference_type
scores
url	https://usn.ubuntu.com/3765-2/

fixed_packages

url pkg:generic/curl.se/curl@7.61.1

purl pkg:generic/curl.se/curl@7.61.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9cbd-x468-rkaw

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-d3s1-3qs7-2uhw

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.61.1

aliases CVE-2018-14618

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tz47-j4ey-t7g6

url VCID-vxpj-xygq-9be2

vulnerability_id VCID-vxpj-xygq-9be2

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8615

reference_id

reference_type

scores

value	0.02337
scoring_system	epss
scoring_elements	0.84774
published_at	2026-04-01T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.8487
published_at	2026-04-16T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.84789
published_at	2026-04-02T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.84808
published_at	2026-04-04T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.8481
published_at	2026-04-07T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.84832
published_at	2026-04-08T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.84839
published_at	2026-04-09T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.84857
published_at	2026-04-11T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.84854
published_at	2026-04-12T12:55:00Z

value	0.02337
scoring_system	epss
scoring_elements	0.84849
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8615

reference_url

https://curl.se/docs/CVE-2016-8615.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8615.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388370
reference_id	1388370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388370

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8615

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxpj-xygq-9be2

url VCID-vyk2-s5ut-ubbz

vulnerability_id VCID-vyk2-s5ut-ubbz

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8618

reference_id

reference_type

scores

value	0.01654
scoring_system	epss
scoring_elements	0.81967
published_at	2026-04-01T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.82068
published_at	2026-04-16T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.81997
published_at	2026-04-07T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.82024
published_at	2026-04-08T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.82031
published_at	2026-04-09T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.82051
published_at	2026-04-11T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.8204
published_at	2026-04-12T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.82033
published_at	2026-04-13T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.81978
published_at	2026-04-02T12:55:00Z

value	0.01654
scoring_system	epss
scoring_elements	0.82001
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8618

reference_url

https://curl.se/docs/CVE-2016-8618.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8618.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388378
reference_id	1388378
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388378

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4802

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

reference_url	https://usn.ubuntu.com/3123-1/
reference_id	USN-3123-1
reference_type
scores
url	https://usn.ubuntu.com/3123-1/

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8618

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vyk2-s5ut-ubbz

url VCID-wc8j-qyp4-tqbd

vulnerability_id VCID-wc8j-qyp4-tqbd

summary Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.

references

reference_url

reference_id

reference_type

scores

value	0.00612
scoring_system	epss
scoring_elements	0.69842
published_at	2026-04-16T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69815
published_at	2026-04-12T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.698
published_at	2026-04-13T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.6974
published_at	2026-04-01T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69751
published_at	2026-04-02T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69767
published_at	2026-04-04T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69743
published_at	2026-04-07T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69791
published_at	2026-04-08T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69807
published_at	2026-04-09T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.6983
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4802

reference_url	https://curl.haxx.se/docs/adv_20160530.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_20160530.html

reference_url

https://curl.se/docs/CVE-2016-4802.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-4802.html

reference_url	http://www.securityfocus.com/bid/90997
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90997

reference_url	http://www.securitytracker.com/id/1036008
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036008

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4802

reference_id

CVE-2016-4802

reference_type

scores

value	6.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4802

fixed_packages

url pkg:generic/curl.se/curl@7.49.1

purl pkg:generic/curl.se/curl@7.49.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.49.1

aliases CVE-2016-4802

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wc8j-qyp4-tqbd

url VCID-wrh2-77dv-hbdz

vulnerability_id VCID-wrh2-77dv-hbdz

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:3558
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3558

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8817

reference_id

reference_type

scores

value	0.00852
scoring_system	epss
scoring_elements	0.74872
published_at	2026-04-07T12:55:00Z

value	0.00852
scoring_system	epss
scoring_elements	0.74905
published_at	2026-04-08T12:55:00Z

value	0.00852
scoring_system	epss
scoring_elements	0.74919
published_at	2026-04-12T12:55:00Z

value	0.00852
scoring_system	epss
scoring_elements	0.74941
published_at	2026-04-11T12:55:00Z

value	0.00852
scoring_system	epss
scoring_elements	0.74918
published_at	2026-04-09T12:55:00Z

value	0.00852
scoring_system	epss
scoring_elements	0.7491
published_at	2026-04-13T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76325
published_at	2026-04-04T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76291
published_at	2026-04-01T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76294
published_at	2026-04-02T12:55:00Z

value	0.00981
scoring_system	epss
scoring_elements	0.76812
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8817

reference_url	https://curl.haxx.se/docs/adv_2017-ae72.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/adv_2017-ae72.html

reference_url

https://curl.se/docs/CVE-2017-8817.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2017-8817.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817

reference_url	http://security.cucumberlinux.com/security/details.php?id=162
reference_id
reference_type
scores
url	http://security.cucumberlinux.com/security/details.php?id=162

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:N

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html

reference_url	https://www.debian.org/security/2017/dsa-4051
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4051

reference_url	http://www.securityfocus.com/bid/102057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102057

reference_url	http://www.securitytracker.com/id/1039897
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039897

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515760
reference_id	1515760
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515760

reference_url	https://security.archlinux.org/ASA-201711-33
reference_id	ASA-201711-33
reference_type
scores
url	https://security.archlinux.org/ASA-201711-33

reference_url	https://security.archlinux.org/ASA-201711-34
reference_id	ASA-201711-34
reference_type
scores
url	https://security.archlinux.org/ASA-201711-34

reference_url	https://security.archlinux.org/ASA-201711-35
reference_id	ASA-201711-35
reference_type
scores
url	https://security.archlinux.org/ASA-201711-35

reference_url	https://security.archlinux.org/ASA-201711-36
reference_id	ASA-201711-36
reference_type
scores
url	https://security.archlinux.org/ASA-201711-36

reference_url	https://security.archlinux.org/ASA-201711-37
reference_id	ASA-201711-37
reference_type
scores
url	https://security.archlinux.org/ASA-201711-37

reference_url	https://security.archlinux.org/ASA-201711-38
reference_id	ASA-201711-38
reference_type
scores
url	https://security.archlinux.org/ASA-201711-38

reference_url

https://security.archlinux.org/AVG-521

reference_id

AVG-521

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-521

reference_url

https://security.archlinux.org/AVG-522

reference_id

AVG-522

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-522

reference_url

https://security.archlinux.org/AVG-523

reference_id

AVG-523

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-523

reference_url

https://security.archlinux.org/AVG-524

reference_id

AVG-524

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-524

reference_url

https://security.archlinux.org/AVG-525

reference_id

AVG-525

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-525

reference_url

https://security.archlinux.org/AVG-526

reference_id

AVG-526

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-526

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl::::::::
reference_id	cpe:2.3:a:haxx:libcurl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-8817

reference_id

CVE-2017-8817

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-8817

reference_url	https://security.gentoo.org/glsa/201712-04
reference_id	GLSA-201712-04
reference_type
scores
url	https://security.gentoo.org/glsa/201712-04

reference_url	https://usn.ubuntu.com/3498-1/
reference_id	USN-3498-1
reference_type
scores
url	https://usn.ubuntu.com/3498-1/

reference_url	https://usn.ubuntu.com/3498-2/
reference_id	USN-3498-2
reference_type
scores
url	https://usn.ubuntu.com/3498-2/

fixed_packages

url pkg:generic/curl.se/curl@7.57.0

purl pkg:generic/curl.se/curl@7.57.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dhrf-2sz5-3bhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-krgt-drpz-y7cy

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vr9x-yqsd-6fc8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.57.0

aliases CVE-2017-8817

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wrh2-77dv-hbdz

url VCID-wwam-tcmv-kqhc

vulnerability_id VCID-wwam-tcmv-kqhc

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which may lead to arbitrary code execution.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5482

reference_id

reference_type

scores

value	0.06912
scoring_system	epss
scoring_elements	0.91427
published_at	2026-04-16T12:55:00Z

value	0.06912
scoring_system	epss
scoring_elements	0.91403
published_at	2026-04-12T12:55:00Z

value	0.06912
scoring_system	epss
scoring_elements	0.91402
published_at	2026-04-13T12:55:00Z

value	0.08332
scoring_system	epss
scoring_elements	0.92281
published_at	2026-04-09T12:55:00Z

value	0.08332
scoring_system	epss
scoring_elements	0.9225
published_at	2026-04-01T12:55:00Z

value	0.08332
scoring_system	epss
scoring_elements	0.92286
published_at	2026-04-11T12:55:00Z

value	0.08332
scoring_system	epss
scoring_elements	0.92257
published_at	2026-04-02T12:55:00Z

value	0.08332
scoring_system	epss
scoring_elements	0.92262
published_at	2026-04-04T12:55:00Z

value	0.08332
scoring_system	epss
scoring_elements	0.92265
published_at	2026-04-07T12:55:00Z

value	0.08332
scoring_system	epss
scoring_elements	0.92277
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5482

reference_url	https://curl.haxx.se/docs/CVE-2019-5482.html
reference_id
reference_type
scores
url	https://curl.haxx.se/docs/CVE-2019-5482.html

reference_url

https://curl.se/docs/CVE-2019-5482.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2019-5482.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/684603
reference_id
reference_type
scores
url	https://hackerone.com/reports/684603

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/

reference_url	https://seclists.org/bugtraq/2020/Feb/36
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2020/Feb/36

reference_url	https://security.netapp.com/advisory/ntap-20191004-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191004-0003/

reference_url	https://security.netapp.com/advisory/ntap-20200416-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200416-0003/

reference_url	https://www.debian.org/security/2020/dsa-4633
reference_id
reference_type
scores
url	https://www.debian.org/security/2020/dsa-4633

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1749652
reference_id	1749652
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1749652

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010
reference_id	940010
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010

reference_url

https://security.archlinux.org/AVG-1982

reference_id

AVG-1982

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1982

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
reference_id	cpe:2.3:a:haxx:curl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_id	cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_insight:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::vmware_vsphere::*
reference_id	cpe:2.3:a:netapp:oncommand_unified_manager::::::vmware_vsphere::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::vmware_vsphere::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::windows::*
reference_id	cpe:2.3:a:netapp:oncommand_unified_manager::::::windows::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager::::::windows::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:::::::*
reference_id	cpe:2.3:a:netapp:snapcenter:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*
reference_id	cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_operations_monitor:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_operations_monitor:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.2:::::::*
reference_id	cpe:2.3:a:oracle:communications_operations_monitor:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.3:::::::*
reference_id	cpe:2.3:a:oracle:communications_operations_monitor:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.3:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_border_controller:8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.4:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_border_controller:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:::::::*
reference_id	cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server::::::::
reference_id	cpe:2.3:a:oracle:mysql_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:oss_support_tools:20.0:::::::*
reference_id	cpe:2.3:a:oracle:oss_support_tools:20.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:oss_support_tools:20.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-5482

reference_id

CVE-2019-5482

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-5482

reference_url	https://security.gentoo.org/glsa/202003-29
reference_id	GLSA-202003-29
reference_type
scores
url	https://security.gentoo.org/glsa/202003-29

reference_url	https://access.redhat.com/errata/RHSA-2020:0250
reference_id	RHSA-2020:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0250

reference_url	https://access.redhat.com/errata/RHSA-2020:1792
reference_id	RHSA-2020:1792
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1792

reference_url	https://access.redhat.com/errata/RHSA-2020:3916
reference_id	RHSA-2020:3916
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3916

reference_url	https://access.redhat.com/errata/RHSA-2021:0759
reference_id	RHSA-2021:0759
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0759

reference_url	https://access.redhat.com/errata/RHSA-2021:0877
reference_id	RHSA-2021:0877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0877

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

reference_url	https://access.redhat.com/errata/RHSA-2021:1027
reference_id	RHSA-2021:1027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1027

reference_url	https://usn.ubuntu.com/4129-1/
reference_id	USN-4129-1
reference_type
scores
url	https://usn.ubuntu.com/4129-1/

reference_url	https://usn.ubuntu.com/4129-2/
reference_id	USN-4129-2
reference_type
scores
url	https://usn.ubuntu.com/4129-2/

fixed_packages

url pkg:generic/curl.se/curl@7.66.0

purl pkg:generic/curl.se/curl@7.66.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-d3s1-3qs7-2uhw

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-frgg-29yv-dyf7

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j5s3-rr74-nqb8

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0

aliases CVE-2019-5482

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwam-tcmv-kqhc

url VCID-xspf-45t1-2uhf

vulnerability_id VCID-xspf-45t1-2uhf

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which can allow remote attackers to cause Denial of Service condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3143

reference_id

reference_type

scores

value	0.03475
scoring_system	epss
scoring_elements	0.8757
published_at	2026-04-16T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.875
published_at	2026-04-01T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.8751
published_at	2026-04-02T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.87524
published_at	2026-04-04T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.87526
published_at	2026-04-07T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.87545
published_at	2026-04-08T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.87552
published_at	2026-04-09T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.87563
published_at	2026-04-11T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.87559
published_at	2026-04-12T12:55:00Z

value	0.03475
scoring_system	epss
scoring_elements	0.87556
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3143

reference_url

https://curl.se/docs/CVE-2015-3143.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2015-3143.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1213306
reference_id	1213306
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1213306

reference_url	https://security.gentoo.org/glsa/201509-02
reference_id	GLSA-201509-02
reference_type
scores
url	https://security.gentoo.org/glsa/201509-02

reference_url	https://access.redhat.com/errata/RHSA-2015:1254
reference_id	RHSA-2015:1254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1254

reference_url	https://access.redhat.com/errata/RHSA-2015:2159
reference_id	RHSA-2015:2159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2159

reference_url	https://usn.ubuntu.com/2591-1/
reference_id	USN-2591-1
reference_type
scores
url	https://usn.ubuntu.com/2591-1/

fixed_packages

url pkg:generic/curl.se/curl@7.42.0

purl pkg:generic/curl.se/curl@7.42.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r447-deb8-2ydj

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yubp-g4rt-c3e6

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.42.0

aliases CVE-2015-3143

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xspf-45t1-2uhf

url VCID-y32p-52ps-4ug4

vulnerability_id VCID-y32p-52ps-4ug4

summary

Use of Incorrectly-Resolved Name or Reference
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function does not take `issuercert` into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn't include the `issuer cert` which a transfer can set to qualify how to verify the server certificate.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22924

reference_id

reference_type

scores

value	0.00746
scoring_system	epss
scoring_elements	0.73012
published_at	2026-04-01T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73021
published_at	2026-04-02T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73016
published_at	2026-04-07T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73107
published_at	2026-04-16T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73064
published_at	2026-04-13T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.7307
published_at	2026-04-12T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73091
published_at	2026-04-11T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73066
published_at	2026-04-09T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73053
published_at	2026-04-08T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73042
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22924

reference_url

https://curl.se/docs/CVE-2021-22924.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2021-22924.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1223565

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://hackerone.com/reports/1223565

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1981460
reference_id	1981460
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1981460

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492
reference_id	991492
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492

reference_url	https://security.archlinux.org/ASA-202107-59
reference_id	ASA-202107-59
reference_type
scores
url	https://security.archlinux.org/ASA-202107-59

reference_url	https://security.archlinux.org/ASA-202107-60
reference_id	ASA-202107-60
reference_type
scores
url	https://security.archlinux.org/ASA-202107-60

reference_url	https://security.archlinux.org/ASA-202107-61
reference_id	ASA-202107-61
reference_type
scores
url	https://security.archlinux.org/ASA-202107-61

reference_url	https://security.archlinux.org/ASA-202107-62
reference_id	ASA-202107-62
reference_type
scores
url	https://security.archlinux.org/ASA-202107-62

reference_url	https://security.archlinux.org/ASA-202107-63
reference_id	ASA-202107-63
reference_type
scores
url	https://security.archlinux.org/ASA-202107-63

reference_url	https://security.archlinux.org/ASA-202107-64
reference_id	ASA-202107-64
reference_type
scores
url	https://security.archlinux.org/ASA-202107-64

reference_url

reference_id

AVG-2194

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2195

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2196

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2197

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2198

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2199

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-22924
reference_id	CVE-2021-22924
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-22924

reference_url

reference_id

dsa-5197

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/

reference_url

reference_id

FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/

reference_url

https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_url

https://security.netapp.com/advisory/ntap-20210902-0003/

reference_id

ntap-20210902-0003

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://security.netapp.com/advisory/ntap-20210902-0003/

reference_url

https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E

reference_id

r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E

reference_id

r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E

reference_id

rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E

reference_id

rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E

reference_url	https://access.redhat.com/errata/RHSA-2021:3582
reference_id	RHSA-2021:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3582

reference_url	https://access.redhat.com/errata/RHSA-2022:1354
reference_id	RHSA-2022:1354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1354

reference_url

https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

reference_id

ssa-484086.pdf

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

reference_url

https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf

reference_id

ssa-732250.pdf

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/

url

https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf

reference_url	https://usn.ubuntu.com/5021-1/
reference_id	USN-5021-1
reference_type
scores
url	https://usn.ubuntu.com/5021-1/

fixed_packages

url pkg:generic/curl.se/curl@7.78.0

purl pkg:generic/curl.se/curl@7.78.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bdy2-8gub-tfe6

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0

aliases CVE-2021-22924

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y32p-52ps-4ug4

url VCID-y4x5-n5m2-x7bq

vulnerability_id VCID-y4x5-n5m2-x7bq

summary Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-32208

reference_id

reference_type

scores

value	0.00167
scoring_system	epss
scoring_elements	0.37884
published_at	2026-04-16T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37916
published_at	2026-04-02T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37942
published_at	2026-04-04T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37819
published_at	2026-04-07T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.3787
published_at	2026-04-08T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37883
published_at	2026-04-09T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37898
published_at	2026-04-11T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37862
published_at	2026-04-12T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37837
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-32208

reference_url

https://curl.se/docs/CVE-2022-32208.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2022-32208.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/1590071

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

https://hackerone.com/reports/1590071

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2099306
reference_id	2099306
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2099306

reference_url

http://seclists.org/fulldisclosure/2022/Oct/28

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

http://seclists.org/fulldisclosure/2022/Oct/28

reference_url

http://seclists.org/fulldisclosure/2022/Oct/41

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

http://seclists.org/fulldisclosure/2022/Oct/41

reference_url

https://security.archlinux.org/AVG-2817

reference_id

AVG-2817

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2817

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/

reference_id

BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/

reference_url

reference_id

dsa-5197

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

reference_url

reference_id

GLSA-202212-01

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

https://support.apple.com/kb/HT213488

reference_url

reference_id

HT213488

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

https://support.apple.com/kb/HT213488

reference_url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html

reference_url

https://security.netapp.com/advisory/ntap-20220915-0003/

reference_id

ntap-20220915-0003

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/

url

https://security.netapp.com/advisory/ntap-20220915-0003/

reference_url	https://access.redhat.com/errata/RHSA-2022:6157
reference_id	RHSA-2022:6157
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6157

reference_url	https://access.redhat.com/errata/RHSA-2022:6159
reference_id	RHSA-2022:6159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6159

reference_url	https://access.redhat.com/errata/RHSA-2022:8840
reference_id	RHSA-2022:8840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8840

reference_url	https://access.redhat.com/errata/RHSA-2022:8841
reference_id	RHSA-2022:8841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8841

reference_url	https://usn.ubuntu.com/5495-1/
reference_id	USN-5495-1
reference_type
scores
url	https://usn.ubuntu.com/5495-1/

reference_url	https://usn.ubuntu.com/5499-1/
reference_id	USN-5499-1
reference_type
scores
url	https://usn.ubuntu.com/5499-1/

fixed_packages

url pkg:generic/curl.se/curl@7.84.0

purl pkg:generic/curl.se/curl@7.84.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4e1k-7bj9-hfch

vulnerability	VCID-4gze-cwtp-2bgr

vulnerability	VCID-4seq-hvbx-7fg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bz4u-6rft-s3a8

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-ej47-4dcu-5fhy

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-m15r-v9sr-2bbn

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-pwn6-j8vf-rufk

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-rg54-svzj-x7f9

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t9p4-2x7v-yfaq

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-wgma-bycg-1qb1

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xpss-yndr-mycj

vulnerability	VCID-yaas-j3qk-kfdg

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0

aliases CVE-2022-32208

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y4x5-n5m2-x7bq

url VCID-ya9y-nav3-37hh

vulnerability_id VCID-ya9y-nav3-37hh

summary curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-1263

reference_id

reference_type

scores

value	0.05846
scoring_system	epss
scoring_elements	0.90563
published_at	2026-04-16T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90504
published_at	2026-04-01T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90508
published_at	2026-04-02T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90519
published_at	2026-04-04T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90525
published_at	2026-04-07T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90538
published_at	2026-04-08T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90544
published_at	2026-04-09T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90552
published_at	2026-04-12T12:55:00Z

value	0.05846
scoring_system	epss
scoring_elements	0.90546
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-1263

reference_url

https://curl.se/docs/CVE-2014-1263.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-1263.html

fixed_packages

url pkg:generic/curl.se/curl@7.36.0

purl pkg:generic/curl.se/curl@7.36.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.36.0

aliases CVE-2014-1263

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ya9y-nav3-37hh

url VCID-yvdd-ataf-ckf1

vulnerability_id VCID-yvdd-ataf-ckf1

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could result in information disclosure or data loss.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8231

reference_id

reference_type

scores

value	0.00159
scoring_system	epss
scoring_elements	0.36844
published_at	2026-04-16T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36823
published_at	2026-04-12T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36798
published_at	2026-04-13T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44841
published_at	2026-04-02T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44863
published_at	2026-04-04T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44803
published_at	2026-04-07T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44855
published_at	2026-04-08T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44858
published_at	2026-04-09T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44875
published_at	2026-04-11T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44761
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8231

reference_url

https://curl.se/docs/CVE-2020-8231.html

reference_id

reference_type

scores

value	Low
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2020-8231.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/948876
reference_id
reference_type
scores
url	https://hackerone.com/reports/948876

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1868032
reference_id	1868032
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1868032

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831
reference_id	968831
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-8231
reference_id	CVE-2020-8231
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-8231

reference_url	https://security.gentoo.org/glsa/202012-14
reference_id	GLSA-202012-14
reference_type
scores
url	https://security.gentoo.org/glsa/202012-14

reference_url	https://access.redhat.com/errata/RHSA-2021:1610
reference_id	RHSA-2021:1610
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1610

reference_url	https://usn.ubuntu.com/4466-1/
reference_id	USN-4466-1
reference_type
scores
url	https://usn.ubuntu.com/4466-1/

reference_url	https://usn.ubuntu.com/4466-2/
reference_id	USN-4466-2
reference_type
scores
url	https://usn.ubuntu.com/4466-2/

reference_url	https://usn.ubuntu.com/4665-1/
reference_id	USN-4665-1
reference_type
scores
url	https://usn.ubuntu.com/4665-1/

fixed_packages

url pkg:generic/curl.se/curl@7.72.0

purl pkg:generic/curl.se/curl@7.72.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-d3s1-3qs7-2uhw

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-frgg-29yv-dyf7

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-gv7x-j8bz-wycc

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-n57n-cymy-z7dr

vulnerability	VCID-nvzd-v3bs-6qek

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpux-jh6k-8qhx

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t1fk-cbsx-j3gh

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t8t6-9wa3-aub7

vulnerability	VCID-tcqe-7skm-b3fz

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-vbbv-k1r7-kkas

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xzay-sjpy-3yce

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.72.0

aliases CVE-2020-8231

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yvdd-ataf-ckf1

url VCID-yxks-8529-23bj

vulnerability_id VCID-yxks-8529-23bj

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8625

reference_id

reference_type

scores

value	0.01526
scoring_system	epss
scoring_elements	0.81219
published_at	2026-04-01T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.8132
published_at	2026-04-16T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.81228
published_at	2026-04-02T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.81251
published_at	2026-04-04T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.8125
published_at	2026-04-07T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.81278
published_at	2026-04-08T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.81283
published_at	2026-04-13T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.81304
published_at	2026-04-11T12:55:00Z

value	0.01526
scoring_system	epss
scoring_elements	0.8129
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8625

reference_url

https://curl.se/docs/CVE-2016-8625.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8625.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388392
reference_id	1388392
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388392

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2174

reference_url	https://security.gentoo.org/glsa/201701-47
reference_id	GLSA-201701-47
reference_type
scores
url	https://security.gentoo.org/glsa/201701-47

fixed_packages

url pkg:generic/curl.se/curl@7.51.0

purl pkg:generic/curl.se/curl@7.51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hrsy-694u-2fec

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jnfc-8f5d-pyh4

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-n51k-39uk-auca

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-qdcn-2u3v-b3cv

vulnerability	VCID-qpfa-s6sd-8yct

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-u4bx-xqb3-vuef

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0

aliases CVE-2016-8625

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yxks-8529-23bj

url VCID-z49y-v1gh-h7gj

vulnerability_id VCID-z49y-v1gh-h7gj

summary

Multiple vulnerabilities have been found in cURL, allowing
    attackers to execute arbitrary code or cause Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2174.json

reference_url

reference_id

reference_type

scores

value	0.03181
scoring_system	epss
scoring_elements	0.86981
published_at	2026-04-16T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86912
published_at	2026-04-01T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86923
published_at	2026-04-02T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86942
published_at	2026-04-04T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86936
published_at	2026-04-07T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86956
published_at	2026-04-08T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86963
published_at	2026-04-09T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86977
published_at	2026-04-11T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86971
published_at	2026-04-12T12:55:00Z

value	0.03181
scoring_system	epss
scoring_elements	0.86966
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2174

reference_url

https://curl.se/docs/CVE-2013-2174.html

reference_id

reference_type

scores

value	High
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2013-2174.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=965640
reference_id	965640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=965640

reference_url	https://security.gentoo.org/glsa/201401-14
reference_id	GLSA-201401-14
reference_type
scores
url	https://security.gentoo.org/glsa/201401-14

reference_url	https://access.redhat.com/errata/RHSA-2013:0983
reference_id	RHSA-2013:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0983

reference_url	https://usn.ubuntu.com/1894-1/
reference_id	USN-1894-1
reference_type
scores
url	https://usn.ubuntu.com/1894-1/

fixed_packages

url pkg:generic/curl.se/curl@7.31.0

purl pkg:generic/curl.se/curl@7.31.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-4mk9-5buz-puh5

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-87qu-j64w-p7fj

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bdrx-sm6b-sken

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c2na-7q9e-47am

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-ma8s-he6x-z7a8

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-ya9y-nav3-37hh

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-z8h3-fdj8-xuaa

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.31.0

aliases CVE-2013-2174

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z49y-v1gh-h7gj

url VCID-z8h3-fdj8-xuaa

vulnerability_id VCID-z8h3-fdj8-xuaa

summary

Multiple vulnerabilities have been discovered in cURL, the worst of
    which could lead to man-in-the-middle attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0138.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0138.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0138

reference_id

reference_type

scores

value	0.00676
scoring_system	epss
scoring_elements	0.71517
published_at	2026-04-16T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.71431
published_at	2026-04-07T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.71439
published_at	2026-04-02T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.71457
published_at	2026-04-04T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.71471
published_at	2026-04-08T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.71483
published_at	2026-04-09T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.71506
published_at	2026-04-11T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.7149
published_at	2026-04-12T12:55:00Z

value	0.00676
scoring_system	epss
scoring_elements	0.71472
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0138

reference_url

https://curl.se/docs/CVE-2014-0138.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2014-0138.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1079148
reference_id	1079148
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1079148

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728
reference_id	742728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742728

reference_url	https://security.gentoo.org/glsa/201406-21
reference_id	GLSA-201406-21
reference_type
scores
url	https://security.gentoo.org/glsa/201406-21

reference_url	https://access.redhat.com/errata/RHSA-2014:0561
reference_id	RHSA-2014:0561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0561

reference_url	https://usn.ubuntu.com/2167-1/
reference_id	USN-2167-1
reference_type
scores
url	https://usn.ubuntu.com/2167-1/

fixed_packages

url pkg:generic/curl.se/curl@7.36.0

purl pkg:generic/curl.se/curl@7.36.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1k8f-qgcv-xkhb

vulnerability	VCID-1mf9-u8y1-zbb1

vulnerability	VCID-26ju-84rx-c7b9

vulnerability	VCID-29n1-4u2b-tkgj

vulnerability	VCID-2b39-ubrt-hkc6

vulnerability	VCID-2cx5-1qnw-uufj

vulnerability	VCID-2xmp-jc8v-bucb

vulnerability	VCID-3sy2-4f3g-zkac

vulnerability	VCID-47qb-2qkw-1qej

vulnerability	VCID-56wg-yafz-gkgx

vulnerability	VCID-5jan-pqf6-fyhr

vulnerability	VCID-5n7a-9j23-e7dj

vulnerability	VCID-6muy-xpdq-9kg8

vulnerability	VCID-6we4-n888-6qhe

vulnerability	VCID-6yb7-t8qs-cbch

vulnerability	VCID-75nw-4e2d-zqgg

vulnerability	VCID-79sv-kzb5-hbc4

vulnerability	VCID-7c8e-eaqy-akeu

vulnerability	VCID-7srk-hshe-h3f4

vulnerability	VCID-7vt9-pf5q-uqb6

vulnerability	VCID-7xxh-66ys-4bhw

vulnerability	VCID-8zks-th64-33b8

vulnerability	VCID-9ggp-5wfj-ufcq

vulnerability	VCID-9nak-pscy-e7gs

vulnerability	VCID-a3v7-ptf1-6qgd

vulnerability	VCID-a9b6-m25r-kygw

vulnerability	VCID-ae59-w7a1-7keg

vulnerability	VCID-arjz-67yz-wkg9

vulnerability	VCID-b2ef-zj3u-rbhy

vulnerability	VCID-bb2f-7qrm-1kca

vulnerability	VCID-bgtv-jrna-9yb3

vulnerability	VCID-bhvd-ntxz-dkg4

vulnerability	VCID-bv57-gvfs-qfhj

vulnerability	VCID-c6dk-7gj6-7far

vulnerability	VCID-cbah-e86c-w3fj

vulnerability	VCID-cbph-fu9d-gbah

vulnerability	VCID-cp4n-p2z3-43b4

vulnerability	VCID-dc3c-3wab-57gh

vulnerability	VCID-ddgz-rczw-jqfw

vulnerability	VCID-dgtq-eaav-jyhf

vulnerability	VCID-dzzd-afgu-3fcy

vulnerability	VCID-e58m-g37d-9fd6

vulnerability	VCID-eap9-v2gp-fqgh

vulnerability	VCID-eer3-29q8-sbgq

vulnerability	VCID-ekav-zg3k-v3ea

vulnerability	VCID-etzn-uhck-h7b2

vulnerability	VCID-fnj3-2du1-4bhx

vulnerability	VCID-fp65-97n1-xuaj

vulnerability	VCID-ggt7-eejg-xfb6

vulnerability	VCID-gnx2-djyk-uyaf

vulnerability	VCID-hj8v-tgnn-mfdw

vulnerability	VCID-hudt-78dw-tkf2

vulnerability	VCID-j2cq-q3r9-jfcp

vulnerability	VCID-j2qx-np45-4qdu

vulnerability	VCID-jeqg-g3en-5udw

vulnerability	VCID-jqqf-gmd3-ubcd

vulnerability	VCID-jtw4-af4y-nkbk

vulnerability	VCID-ju6h-a1sz-f7e5

vulnerability	VCID-k8kj-q1je-f7bt

vulnerability	VCID-mkyr-w79c-qqfz

vulnerability	VCID-ms2r-94ph-yyh3

vulnerability	VCID-ph5u-5j8n-4qah

vulnerability	VCID-q229-ag6u-u3hv

vulnerability	VCID-qbpd-star-6fgn

vulnerability	VCID-r7bh-7wur-xffs

vulnerability	VCID-rmez-cwu2-2ya7

vulnerability	VCID-s73y-y7v7-43cm

vulnerability	VCID-sh5a-fmna-wffr

vulnerability	VCID-sknq-8mm1-6qfe

vulnerability	VCID-snaz-pg1h-8kew

vulnerability	VCID-syz5-5y6f-s7er

vulnerability	VCID-t4gn-9fw8-gkc3

vulnerability	VCID-t753-w1ha-kqaz

vulnerability	VCID-tmv3-fzje-sbck

vulnerability	VCID-tz47-j4ey-t7g6

vulnerability	VCID-v3qf-6wju-1bg8

vulnerability	VCID-vxpj-xygq-9be2

vulnerability	VCID-vyk2-s5ut-ubbz

vulnerability	VCID-w8ks-xk66-r3fm

vulnerability	VCID-wc8j-qyp4-tqbd

vulnerability	VCID-wh98-pw9h-cyfx

vulnerability	VCID-wrh2-77dv-hbdz

vulnerability	VCID-wwam-tcmv-kqhc

vulnerability	VCID-x57x-w8g8-7ybz

vulnerability	VCID-xspf-45t1-2uhf

vulnerability	VCID-y32p-52ps-4ug4

vulnerability	VCID-y4x5-n5m2-x7bq

vulnerability	VCID-yvdd-ataf-ckf1

vulnerability	VCID-yxks-8529-23bj

vulnerability	VCID-zxz2-xfpd-pbay

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.36.0

aliases CVE-2014-0138

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8h3-fdj8-xuaa

url VCID-zxz2-xfpd-pbay

vulnerability_id VCID-zxz2-xfpd-pbay

summary

Multiple vulnerabilities have been found in cURL, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8617

reference_id

reference_type

scores

value	0.00063
scoring_system	epss
scoring_elements	0.19573
published_at	2026-04-01T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19482
published_at	2026-04-16T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19714
published_at	2026-04-02T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19763
published_at	2026-04-04T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19488
published_at	2026-04-07T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19567
published_at	2026-04-08T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19619
published_at	2026-04-09T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19623
published_at	2026-04-11T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19575
published_at	2026-04-12T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19517
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8617

reference_url

https://curl.se/docs/CVE-2016-8617.html

reference_id

reference_type

scores

value	Medium
scoring_system	cvssv3.1
scoring_elements

url

https://curl.se/docs/CVE-2016-8617.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388377
reference_id	1388377
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388377

reference_url	https://security.archlinux.org/ASA-201611-10
reference_id	ASA-201611-10
reference_type
scores
url	https://security.archlinux.org/ASA-201611-10

reference_url	https://security.archlinux.org/ASA-201611-4
reference_id	ASA-201611-4
reference_type
scores
url	https://security.archlinux.org/ASA-201611-4

reference_url	https://security.archlinux.org/ASA-201611-5
reference_id	ASA-201611-5
reference_type
scores
url	https://security.archlinux.org/ASA-201611-5

reference_url	https://security.archlinux.org/ASA-201611-7
reference_id	ASA-201611-7
reference_type
scores
url	https://security.archlinux.org/ASA-201611-7

reference_url	https://security.archlinux.org/ASA-201611-8
reference_id	ASA-201611-8
reference_type
scores
url	https://security.archlinux.org/ASA-201611-8

reference_url	https://security.archlinux.org/ASA-201611-9
reference_id	ASA-201611-9
reference_type
scores
url	https://security.archlinux.org/ASA-201611-9

reference_url

reference_id

AVG-60

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-61

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-62

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-63

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-65

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-66

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url