{"url":"http://public2.vulnerablecode.io/api/packages/370779?format=json","purl":"pkg:generic/curl.se/curl@7.50.3","type":"generic","namespace":"curl.se","name":"curl","version":"7.50.3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"8.20.0","latest_non_vulnerable_version":"8.20.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49272?format=json","vulnerability_id":"VCID-1k8f-qgcv-xkhb","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27782.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27782","reference_id":"","reference_type":"","scores":[{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64647","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64515","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64472","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.6452","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64536","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64552","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.6454","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64512","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64546","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64558","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64551","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64569","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64582","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64557","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64603","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00469","scoring_system":"epss","scoring_elements":"0.64484","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27782"},{"reference_url":"https://curl.se/docs/CVE-2022-27782.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-27782.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1555796","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/"}],"url":"https://hackerone.com/reports/1555796"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082215","reference_id":"2082215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082215"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/03/20/6","reference_id":"6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/03/20/6"},{"reference_url":"https://security.archlinux.org/AVG-2706","reference_id":"AVG-2706","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2706"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220609-0009/","reference_id":"ntap-20220609-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:54:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220609-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5245","reference_id":"RHSA-2022:5245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5313","reference_id":"RHSA-2022:5313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5313"},{"reference_url":"https://usn.ubuntu.com/5412-1/","reference_id":"USN-5412-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5412-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370827?format=json","purl":"pkg:generic/curl.se/curl@7.83.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1"}],"aliases":["CVE-2022-27782"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1k8f-qgcv-xkhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49714?format=json","vulnerability_id":"VCID-1mf9-u8y1-zbb1","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow attackers to bypass intended restrictions.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000101","reference_id":"","reference_type":"","scores":[{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69116","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69124","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69109","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69609","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69576","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70151","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70175","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.7016","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.7019","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70084","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70096","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70111","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70135","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00763","scoring_system":"epss","scoring_elements":"0.73414","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00763","scoring_system":"epss","scoring_elements":"0.7342","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000101"},{"reference_url":"https://curl.haxx.se/docs/adv_20170809A.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/"}],"url":"https://curl.haxx.se/docs/adv_20170809A.html"},{"reference_url":"https://curl.se/docs/CVE-2017-1000101.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2017-1000101.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://support.apple.com/HT208221","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/"}],"url":"https://support.apple.com/HT208221"},{"reference_url":"http://www.debian.org/security/2017/dsa-3992","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/"}],"url":"http://www.debian.org/security/2017/dsa-3992"},{"reference_url":"http://www.securityfocus.com/bid/100249","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/"}],"url":"http://www.securityfocus.com/bid/100249"},{"reference_url":"http://www.securitytracker.com/id/1039117","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/"}],"url":"http://www.securitytracker.com/id/1039117"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478309","reference_id":"1478309","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478309"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554","reference_id":"871554","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871554"},{"reference_url":"https://security.archlinux.org/ASA-201708-16","reference_id":"ASA-201708-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-16"},{"reference_url":"https://security.archlinux.org/AVG-370","reference_id":"AVG-370","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-370"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000101","reference_id":"CVE-2017-1000101","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"},{"reference_url":"https://security.gentoo.org/glsa/201709-14","reference_id":"GLSA-201709-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:45:32Z/"}],"url":"https://security.gentoo.org/glsa/201709-14"},{"reference_url":"https://usn.ubuntu.com/3441-1/","reference_id":"USN-3441-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370787?format=json","purl":"pkg:generic/curl.se/curl@7.55.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.55.0"}],"aliases":["CVE-2017-1000101"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mf9-u8y1-zbb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49715?format=json","vulnerability_id":"VCID-26ju-84rx-c7b9","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow attackers to bypass intended restrictions.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7407","reference_id":"","reference_type":"","scores":[{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41207","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51184","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51072","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51162","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51523","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51549","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51509","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51563","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.5156","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51604","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51583","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51572","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51614","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51472","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51811","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51854","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51849","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51759","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7407"},{"reference_url":"https://curl.se/docs/CVE-2017-7407.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2017-7407.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:P/I:N/A:N"},{"value":"2.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/"}],"url":"https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1439190","reference_id":"1439190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1439190"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500","reference_id":"859500","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859500"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7407","reference_id":"CVE-2017-7407","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"2.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7407"},{"reference_url":"https://security.gentoo.org/glsa/201709-14","reference_id":"GLSA-201709-14","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:44:34Z/"}],"url":"https://security.gentoo.org/glsa/201709-14"},{"reference_url":"https://usn.ubuntu.com/3441-1/","reference_id":"USN-3441-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-1/"},{"reference_url":"https://usn.ubuntu.com/3441-2/","reference_id":"USN-3441-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370785?format=json","purl":"pkg:generic/curl.se/curl@7.54.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-u9jp-j1ds-73e7"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.54.0"}],"aliases":["CVE-2017-7407"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26ju-84rx-c7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34392?format=json","vulnerability_id":"VCID-29n1-4u2b-tkgj","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16842","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32009","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31828","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31881","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31913","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31838","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31967","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36706","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37101","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37148","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3713","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37074","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36849","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36817","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36729","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36612","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3668","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16842"},{"reference_url":"https://curl.se/docs/CVE-2018-16842.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-16842.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1042014","reference_id":"1042014","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"http://www.securitytracker.com/id/1042014"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644124","reference_id":"1644124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644124"},{"reference_url":"https://security.archlinux.org/ASA-201811-4","reference_id":"ASA-201811-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-4"},{"reference_url":"https://security.archlinux.org/AVG-795","reference_id":"AVG-795","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-795"},{"reference_url":"https://curl.haxx.se/docs/CVE-2018-16842.html","reference_id":"CVE-2018-16842.html","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://curl.haxx.se/docs/CVE-2018-16842.html"},{"reference_url":"https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211","reference_id":"d530e92f59ae9bb2d47066c3c460b25d2ffeb211","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211"},{"reference_url":"https://www.debian.org/security/2018/dsa-4331","reference_id":"dsa-4331","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://www.debian.org/security/2018/dsa-4331"},{"reference_url":"https://security.gentoo.org/glsa/201903-03","reference_id":"GLSA-201903-03","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://security.gentoo.org/glsa/201903-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2181","reference_id":"RHSA-2019:2181","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2181"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842","reference_id":"show_bug.cgi?id=CVE-2018-16842","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842"},{"reference_url":"https://usn.ubuntu.com/3805-1/","reference_id":"USN-3805-1","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://usn.ubuntu.com/3805-1/"},{"reference_url":"https://usn.ubuntu.com/3805-2/","reference_id":"USN-3805-2","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:56:25Z/"}],"url":"https://usn.ubuntu.com/3805-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370797?format=json","purl":"pkg:generic/curl.se/curl@7.62.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ac6r-spds-qbf5"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.62.0"}],"aliases":["CVE-2018-16842"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29n1-4u2b-tkgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47223?format=json","vulnerability_id":"VCID-2b39-ubrt-hkc6","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5436.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5436","reference_id":"","reference_type":"","scores":[{"value":"0.11139","scoring_system":"epss","scoring_elements":"0.93447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11139","scoring_system":"epss","scoring_elements":"0.93439","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11139","scoring_system":"epss","scoring_elements":"0.93455","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11139","scoring_system":"epss","scoring_elements":"0.93456","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11139","scoring_system":"epss","scoring_elements":"0.93464","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11139","scoring_system":"epss","scoring_elements":"0.93467","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11139","scoring_system":"epss","scoring_elements":"0.93473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.13273","scoring_system":"epss","scoring_elements":"0.94181","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13273","scoring_system":"epss","scoring_elements":"0.94177","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13273","scoring_system":"epss","scoring_elements":"0.94161","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13581","scoring_system":"epss","scoring_elements":"0.94261","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13581","scoring_system":"epss","scoring_elements":"0.94257","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13581","scoring_system":"epss","scoring_elements":"0.94258","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15484","scoring_system":"epss","scoring_elements":"0.94705","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15484","scoring_system":"epss","scoring_elements":"0.94696","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5436"},{"reference_url":"https://curl.se/docs/CVE-2019-5436.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2019-5436.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/550696","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/550696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1710620","reference_id":"1710620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1710620"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/11/6","reference_id":"6","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/09/11/6"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351","reference_id":"929351","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929351"},{"reference_url":"https://security.archlinux.org/ASA-201905-11","reference_id":"ASA-201905-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-11"},{"reference_url":"https://security.archlinux.org/ASA-201905-12","reference_id":"ASA-201905-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-12"},{"reference_url":"https://security.archlinux.org/ASA-201905-13","reference_id":"ASA-201905-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-13"},{"reference_url":"https://security.archlinux.org/ASA-201905-14","reference_id":"ASA-201905-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-14"},{"reference_url":"https://security.archlinux.org/ASA-201905-15","reference_id":"ASA-201905-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-15"},{"reference_url":"https://security.archlinux.org/ASA-201905-16","reference_id":"ASA-201905-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-16"},{"reference_url":"https://security.archlinux.org/AVG-959","reference_id":"AVG-959","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-959"},{"reference_url":"https://security.archlinux.org/AVG-960","reference_id":"AVG-960","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-960"},{"reference_url":"https://security.archlinux.org/AVG-961","reference_id":"AVG-961","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-961"},{"reference_url":"https://security.archlinux.org/AVG-962","reference_id":"AVG-962","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-962"},{"reference_url":"https://security.archlinux.org/AVG-963","reference_id":"AVG-963","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-963"},{"reference_url":"https://security.archlinux.org/AVG-964","reference_id":"AVG-964","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-964"},{"reference_url":"https://curl.haxx.se/docs/CVE-2019-5436.html","reference_id":"CVE-2019-5436.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"https://curl.haxx.se/docs/CVE-2019-5436.html"},{"reference_url":"https://security.gentoo.org/glsa/202003-29","reference_id":"GLSA-202003-29","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"https://security.gentoo.org/glsa/202003-29"},{"reference_url":"https://support.f5.com/csp/article/K55133295","reference_id":"K55133295","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"https://support.f5.com/csp/article/K55133295"},{"reference_url":"https://support.f5.com/csp/article/K55133295?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"K55133295?utm_source=f5support&amp%3Butm_medium=RSS","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"https://support.f5.com/csp/article/K55133295?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190606-0004/","reference_id":"ntap-20190606-0004","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190606-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1020","reference_id":"RHSA-2020:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1792","reference_id":"RHSA-2020:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2505","reference_id":"RHSA-2020:2505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2505"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/","reference_id":"SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:51:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/"},{"reference_url":"https://usn.ubuntu.com/3993-1/","reference_id":"USN-3993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3993-1/"},{"reference_url":"https://usn.ubuntu.com/3993-2/","reference_id":"USN-3993-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3993-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370801?format=json","purl":"pkg:generic/curl.se/curl@7.65.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.65.0"}],"aliases":["CVE-2019-5436"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2b39-ubrt-hkc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64301?format=json","vulnerability_id":"VCID-2cx5-1qnw-uufj","summary":"curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1965","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16923","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17194","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17246","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16802","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16949","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19144","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19092","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.18978","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19059","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19156","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19134","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19316","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19261","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19223","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19232","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19246","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1965"},{"reference_url":"https://curl.se/docs/CVE-2026-1965.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/"}],"url":"https://curl.se/docs/CVE-2026-1965.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446448","reference_id":"2446448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446448"},{"reference_url":"https://curl.se/docs/CVE-2026-1965.json","reference_id":"CVE-2026-1965.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/"}],"url":"https://curl.se/docs/CVE-2026-1965.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370671?format=json","purl":"pkg:generic/curl.se/curl@8.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-acd8-mwm2-zka5"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0"}],"aliases":["CVE-2026-1965"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cx5-1qnw-uufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49279?format=json","vulnerability_id":"VCID-2xmp-jc8v-bucb","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35252","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43804","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43779","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43787","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43736","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52318","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52332","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52348","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.5236","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52298","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52356","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5827","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58205","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58219","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58168","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5821","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58912","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35252"},{"reference_url":"https://curl.se/docs/CVE-2022-35252.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-35252.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1613943","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://hackerone.com/reports/1613943"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831","reference_id":"1018831","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/21","reference_id":"21","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/21"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120718","reference_id":"2120718","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120718"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213603","reference_id":"HT213603","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://support.apple.com/kb/HT213603"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220930-0005/","reference_id":"ntap-20220930-0005","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220930-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2478","reference_id":"RHSA-2023:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2963","reference_id":"RHSA-2023:2963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5587-1/","reference_id":"USN-5587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370829?format=json","purl":"pkg:generic/curl.se/curl@7.85.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rg54-svzj-x7f9"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0"}],"aliases":["CVE-2022-35252"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2xmp-jc8v-bucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354616?format=json","vulnerability_id":"VCID-3qck-hm3c-tqaq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json"},{"reference_url":"https://curl.se/docs/CVE-2026-4873.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-4873.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3621851","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3621851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461200","reference_id":"2461200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088653?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-4873"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qck-hm3c-tqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49266?format=json","vulnerability_id":"VCID-3sy2-4f3g-zkac","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27774","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53835","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53855","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53749","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53775","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53748","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53799","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53847","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.5383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53851","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53814","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54579","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54541","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54556","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54535","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54484","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54526","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27774"},{"reference_url":"https://curl.se/docs/CVE-2022-27774.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-27774.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1543773","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/"}],"url":"https://hackerone.com/reports/1543773"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254","reference_id":"1010254","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010254"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2077547","reference_id":"2077547","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2077547"},{"reference_url":"https://security.archlinux.org/AVG-2685","reference_id":"AVG-2685","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2685"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220609-0008/","reference_id":"ntap-20220609-0008","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:41:23Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220609-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5245","reference_id":"RHSA-2022:5245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5313","reference_id":"RHSA-2022:5313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5313"},{"reference_url":"https://usn.ubuntu.com/5397-1/","reference_id":"USN-5397-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5397-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370826?format=json","purl":"pkg:generic/curl.se/curl@7.83.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6ge5-86tg-dydf"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hjkx-6yep-mkde"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rhxh-77pj-1bfy"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v9n1-d6xt-6ubn"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0"}],"aliases":["CVE-2022-27774"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3sy2-4f3g-zkac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57268?format=json","vulnerability_id":"VCID-47qb-2qkw-1qej","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28321","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50659","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50695","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50746","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50704","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50665","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50582","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50635","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52959","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52966","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53064","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53057","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.5302","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53037","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53052","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53003","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53009","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52991","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28321"},{"reference_url":"https://curl.se/docs/CVE-2023-28321.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28321.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1950627","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://hackerone.com/reports/1950627"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196786","reference_id":"2196786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196786"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/","reference_id":"F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html","reference_id":"msg00016.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4354","reference_id":"RHSA-2023:4354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4523","reference_id":"RHSA-2023:4523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5598","reference_id":"RHSA-2023:5598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6292","reference_id":"RHSA-2023:6292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6292"},{"reference_url":"https://usn.ubuntu.com/6237-1/","reference_id":"USN-6237-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-1/"},{"reference_url":"https://usn.ubuntu.com/6237-3/","reference_id":"USN-6237-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/","reference_id":"Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370836?format=json","purl":"pkg:generic/curl.se/curl@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0"}],"aliases":["CVE-2023-28321"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47qb-2qkw-1qej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49259?format=json","vulnerability_id":"VCID-56wg-yafz-gkgx","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22922","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34891","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35088","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35115","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34995","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35039","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35067","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35036","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35012","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3505","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35035","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34988","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34757","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34738","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34648","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34517","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3459","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34627","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22922"},{"reference_url":"https://curl.se/docs/CVE-2021-22922.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22922.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1213175","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://hackerone.com/reports/1213175"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981435","reference_id":"1981435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981435"},{"reference_url":"https://security.archlinux.org/ASA-202107-59","reference_id":"ASA-202107-59","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-59"},{"reference_url":"https://security.archlinux.org/AVG-2194","reference_id":"AVG-2194","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2194"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/","reference_id":"FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210902-0003/","reference_id":"ntap-20210902-0003","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210902-0003/"},{"reference_url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E","reference_id":"r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E","reference_id":"r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E","reference_id":"rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E","reference_id":"rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3582","reference_id":"RHSA-2021:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3903","reference_id":"RHSA-2021:3903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3903"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370820?format=json","purl":"pkg:generic/curl.se/curl@7.78.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0"}],"aliases":["CVE-2021-22922"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56wg-yafz-gkgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34703?format=json","vulnerability_id":"VCID-5jan-pqf6-fyhr","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8622","reference_id":"","reference_type":"","scores":[{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81971","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81948","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81879","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81875","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81901","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81927","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81911","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81947","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81845","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01715","scoring_system":"epss","scoring_elements":"0.82497","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01715","scoring_system":"epss","scoring_elements":"0.82455","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01715","scoring_system":"epss","scoring_elements":"0.82476","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8622"},{"reference_url":"https://curl.se/docs/CVE-2016-8622.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8622.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037192","reference_id":"1037192","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/"}],"url":"http://www.securitytracker.com/id/1037192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388386","reference_id":"1388386","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388386"},{"reference_url":"http://www.securityfocus.com/bid/94105","reference_id":"94105","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/"}],"url":"http://www.securityfocus.com/bid/94105"},{"reference_url":"https://curl.haxx.se/docs/adv_20161102H.html","reference_id":"adv_20161102H.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/"}],"url":"https://curl.haxx.se/docs/adv_20161102H.html"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8622","reference_id":"show_bug.cgi?id=CVE-2016-8622","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:54:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8622"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8622"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5jan-pqf6-fyhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34390?format=json","vulnerability_id":"VCID-5n7a-9j23-e7dj","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16839","reference_id":"","reference_type":"","scores":[{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.52577","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.52709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.52659","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.52664","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.52613","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.52647","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00293","scoring_system":"epss","scoring_elements":"0.5262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58542","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58495","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58527","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58532","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58511","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58477","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58488","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58476","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58441","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58484","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16839"},{"reference_url":"https://curl.se/docs/CVE-2018-16839.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-16839.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1042012","reference_id":"1042012","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/"}],"url":"http://www.securitytracker.com/id/1042012"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642201","reference_id":"1642201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642201"},{"reference_url":"https://security.archlinux.org/ASA-201811-7","reference_id":"ASA-201811-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-7"},{"reference_url":"https://security.archlinux.org/ASA-201811-8","reference_id":"ASA-201811-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-8"},{"reference_url":"https://security.archlinux.org/ASA-201811-9","reference_id":"ASA-201811-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-9"},{"reference_url":"https://security.archlinux.org/AVG-796","reference_id":"AVG-796","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-796"},{"reference_url":"https://security.archlinux.org/AVG-797","reference_id":"AVG-797","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-797"},{"reference_url":"https://security.archlinux.org/AVG-798","reference_id":"AVG-798","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-798"},{"reference_url":"https://curl.haxx.se/docs/CVE-2018-16839.html","reference_id":"CVE-2018-16839.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/"}],"url":"https://curl.haxx.se/docs/CVE-2018-16839.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4331","reference_id":"dsa-4331","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/"}],"url":"https://www.debian.org/security/2018/dsa-4331"},{"reference_url":"https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5","reference_id":"f3a24d7916b9173c69a3e0ee790102993833d6c5","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/"}],"url":"https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5"},{"reference_url":"https://security.gentoo.org/glsa/201903-03","reference_id":"GLSA-201903-03","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/"}],"url":"https://security.gentoo.org/glsa/201903-03"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839","reference_id":"show_bug.cgi?id=CVE-2018-16839","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839"},{"reference_url":"https://usn.ubuntu.com/3805-1/","reference_id":"USN-3805-1","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:57:02Z/"}],"url":"https://usn.ubuntu.com/3805-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370797?format=json","purl":"pkg:generic/curl.se/curl@7.62.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ac6r-spds-qbf5"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.62.0"}],"aliases":["CVE-2018-16839"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5n7a-9j23-e7dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34697?format=json","vulnerability_id":"VCID-6muy-xpdq-9kg8","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8616","reference_id":"","reference_type":"","scores":[{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88589","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88635","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88617","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.8864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88658","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88655","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88653","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88668","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88674","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88673","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0413","scoring_system":"epss","scoring_elements":"0.88598","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0419","scoring_system":"epss","scoring_elements":"0.88795","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0419","scoring_system":"epss","scoring_elements":"0.88784","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0419","scoring_system":"epss","scoring_elements":"0.88766","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8616"},{"reference_url":"https://curl.se/docs/CVE-2016-8616.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8616.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388371","reference_id":"1388371","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388371"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8616"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6muy-xpdq-9kg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71914?format=json","vulnerability_id":"VCID-6we4-n888-6qhe","summary":"libcurl: Buffer Overflow in libcurl via zlib Integer Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0725","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63314","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.6327","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63306","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63322","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63292","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63823","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63788","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63815","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63772","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.6384","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63856","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63869","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63867","published_at":"2026-04-29T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69587","published_at":"2026-05-09T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69552","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0725"},{"reference_url":"https://curl.se/docs/CVE-2025-0725.html","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://curl.se/docs/CVE-2025-0725.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2956023","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://hackerone.com/reports/2956023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343899","reference_id":"2343899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343899"},{"reference_url":"https://curl.se/docs/CVE-2025-0725.json","reference_id":"CVE-2025-0725.json","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://curl.se/docs/CVE-2025-0725.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370854?format=json","purl":"pkg:generic/curl.se/curl@8.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-176a-agbw-hqdy"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9mjz-apkm-g7h1"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-ksap-zrmb-ebcu"},{"vulnerability":"VCID-kt4b-7ffh-4bch"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0"}],"aliases":["CVE-2025-0725"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6we4-n888-6qhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49700?format=json","vulnerability_id":"VCID-6yb7-t8qs-cbch","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000007.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000007","reference_id":"","reference_type":"","scores":[{"value":"0.03344","scoring_system":"epss","scoring_elements":"0.87259","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03344","scoring_system":"epss","scoring_elements":"0.87283","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03344","scoring_system":"epss","scoring_elements":"0.87269","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03344","scoring_system":"epss","scoring_elements":"0.87285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03344","scoring_system":"epss","scoring_elements":"0.87302","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88268","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88245","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88244","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88263","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.8827","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88282","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88298","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.8831","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88227","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88238","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03871","scoring_system":"epss","scoring_elements":"0.88231","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000007"},{"reference_url":"https://curl.se/docs/CVE-2018-1000007.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-1000007.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537125","reference_id":"1537125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537125"},{"reference_url":"https://security.archlinux.org/ASA-201801-20","reference_id":"ASA-201801-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-20"},{"reference_url":"https://security.archlinux.org/ASA-201801-22","reference_id":"ASA-201801-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-22"},{"reference_url":"https://security.archlinux.org/ASA-201801-23","reference_id":"ASA-201801-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-23"},{"reference_url":"https://security.archlinux.org/ASA-201801-24","reference_id":"ASA-201801-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-24"},{"reference_url":"https://security.archlinux.org/ASA-201801-25","reference_id":"ASA-201801-25","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-25"},{"reference_url":"https://security.archlinux.org/ASA-201801-26","reference_id":"ASA-201801-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-26"},{"reference_url":"https://security.archlinux.org/AVG-593","reference_id":"AVG-593","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-593"},{"reference_url":"https://security.archlinux.org/AVG-594","reference_id":"AVG-594","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-594"},{"reference_url":"https://security.archlinux.org/AVG-595","reference_id":"AVG-595","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-595"},{"reference_url":"https://security.archlinux.org/AVG-596","reference_id":"AVG-596","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-596"},{"reference_url":"https://security.archlinux.org/AVG-597","reference_id":"AVG-597","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-597"},{"reference_url":"https://security.archlinux.org/AVG-598","reference_id":"AVG-598","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-598"},{"reference_url":"https://security.gentoo.org/glsa/201804-04","reference_id":"GLSA-201804-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-04"},{"reference_url":"https://usn.ubuntu.com/3554-1/","reference_id":"USN-3554-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3554-1/"},{"reference_url":"https://usn.ubuntu.com/3554-2/","reference_id":"USN-3554-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3554-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370792?format=json","purl":"pkg:generic/curl.se/curl@7.58.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0"}],"aliases":["CVE-2018-1000007"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6yb7-t8qs-cbch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74464?format=json","vulnerability_id":"VCID-75nw-4e2d-zqgg","summary":"curl: libcurl: ASN.1 date parser overread","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7264","reference_id":"","reference_type":"","scores":[{"value":"0.00796","scoring_system":"epss","scoring_elements":"0.73978","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00796","scoring_system":"epss","scoring_elements":"0.73947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00796","scoring_system":"epss","scoring_elements":"0.73973","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00796","scoring_system":"epss","scoring_elements":"0.73943","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00796","scoring_system":"epss","scoring_elements":"0.74029","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75472","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75407","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75396","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75437","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75443","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75538","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75467","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75476","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75484","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75514","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75409","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75429","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/1","reference_id":"1","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656","reference_id":"1077656","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301888","reference_id":"2301888","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301888"},{"reference_url":"https://hackerone.com/reports/2629968","reference_id":"2629968","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"https://hackerone.com/reports/2629968"},{"reference_url":"https://curl.se/docs/CVE-2024-7264.html","reference_id":"CVE-2024-7264.html","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"https://curl.se/docs/CVE-2024-7264.html"},{"reference_url":"https://curl.se/docs/CVE-2024-7264.json","reference_id":"CVE-2024-7264.json","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"https://curl.se/docs/CVE-2024-7264.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7726","reference_id":"RHSA-2024:7726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1671","reference_id":"RHSA-2025:1671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1673","reference_id":"RHSA-2025:1673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1673"},{"reference_url":"https://usn.ubuntu.com/6944-1/","reference_id":"USN-6944-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6944-1/"},{"reference_url":"https://usn.ubuntu.com/6944-2/","reference_id":"USN-6944-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6944-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370849?format=json","purl":"pkg:generic/curl.se/curl@8.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-176a-agbw-hqdy"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9mjz-apkm-g7h1"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-kt4b-7ffh-4bch"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.9.1"}],"aliases":["CVE-2024-7264"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75nw-4e2d-zqgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34393?format=json","vulnerability_id":"VCID-79sv-kzb5-hbc4","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3822.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3822","reference_id":"","reference_type":"","scores":[{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94927","published_at":"2026-04-18T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94923","published_at":"2026-04-16T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94916","published_at":"2026-04-13T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94913","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94911","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94888","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94891","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94893","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94907","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94902","published_at":"2026-04-08T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94879","published_at":"2026-04-01T12:55:00Z"},{"value":"0.16566","scoring_system":"epss","scoring_elements":"0.94932","published_at":"2026-04-24T12:55:00Z"},{"value":"0.17889","scoring_system":"epss","scoring_elements":"0.95185","published_at":"2026-05-09T12:55:00Z"},{"value":"0.17889","scoring_system":"epss","scoring_elements":"0.9517","published_at":"2026-05-05T12:55:00Z"},{"value":"0.17889","scoring_system":"epss","scoring_elements":"0.95176","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3822"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"},{"reference_url":"https://curl.haxx.se/docs/CVE-2019-3822.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://curl.haxx.se/docs/CVE-2019-3822.html"},{"reference_url":"https://curl.se/docs/CVE-2019-3822.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2019-3822.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190315-0001/","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190315-0001/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190719-0004/","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190719-0004/"},{"reference_url":"https://support.f5.com/csp/article/K84141449","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://support.f5.com/csp/article/K84141449"},{"reference_url":"https://support.f5.com/csp/article/K84141449?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://support.f5.com/csp/article/K84141449?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://www.debian.org/security/2019/dsa-4386","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://www.debian.org/security/2019/dsa-4386"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"http://www.securityfocus.com/bid/106950","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"http://www.securityfocus.com/bid/106950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1670254","reference_id":"1670254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1670254"},{"reference_url":"https://security.archlinux.org/ASA-201902-10","reference_id":"ASA-201902-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-10"},{"reference_url":"https://security.archlinux.org/ASA-201902-11","reference_id":"ASA-201902-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-11"},{"reference_url":"https://security.archlinux.org/ASA-201902-12","reference_id":"ASA-201902-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-12"},{"reference_url":"https://security.archlinux.org/ASA-201902-13","reference_id":"ASA-201902-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-13"},{"reference_url":"https://security.archlinux.org/ASA-201902-9","reference_id":"ASA-201902-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-9"},{"reference_url":"https://security.archlinux.org/AVG-873","reference_id":"AVG-873","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-873"},{"reference_url":"https://security.archlinux.org/AVG-874","reference_id":"AVG-874","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-874"},{"reference_url":"https://security.archlinux.org/AVG-875","reference_id":"AVG-875","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-875"},{"reference_url":"https://security.archlinux.org/AVG-876","reference_id":"AVG-876","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-876"},{"reference_url":"https://security.archlinux.org/AVG-877","reference_id":"AVG-877","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-877"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3822","reference_id":"CVE-2019-3822","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3822"},{"reference_url":"https://security.gentoo.org/glsa/201903-03","reference_id":"GLSA-201903-03","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://security.gentoo.org/glsa/201903-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3701","reference_id":"RHSA-2019:3701","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3701"},{"reference_url":"https://usn.ubuntu.com/3882-1/","reference_id":"USN-3882-1","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:41Z/"}],"url":"https://usn.ubuntu.com/3882-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370799?format=json","purl":"pkg:generic/curl.se/curl@7.64.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ac6r-spds-qbf5"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0"}],"aliases":["CVE-2019-3822"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-79sv-kzb5-hbc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16993?format=json","vulnerability_id":"VCID-7srk-hshe-h3f4","summary":"Improper Authentication\nAn authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27538","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01618","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01621","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01629","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01627","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01646","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01628","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01622","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.036","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03622","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03579","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03574","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03588","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03599","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05601","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05545","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05595","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27538"},{"reference_url":"https://curl.se/docs/CVE-2023-27538.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27538.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1898475","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://hackerone.com/reports/1898475"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179103","reference_id":"2179103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179103"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27538","reference_id":"CVE-2023-27538","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27538"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0010/","reference_id":"ntap-20230420-0010","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370834?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27538"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7srk-hshe-h3f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49308?format=json","vulnerability_id":"VCID-7vt9-pf5q-uqb6","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0327","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://access.redhat.com/errata/RHBA-2019:0327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3157","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0544","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2020:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0594","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2020:0594"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000301.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000301","reference_id":"","reference_type":"","scores":[{"value":"0.02038","scoring_system":"epss","scoring_elements":"0.83856","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02038","scoring_system":"epss","scoring_elements":"0.83858","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.85931","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86015","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.85998","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.86013","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.85957","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.85968","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.85984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.86003","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.86027","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.86025","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02761","scoring_system":"epss","scoring_elements":"0.8602","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02785","scoring_system":"epss","scoring_elements":"0.86109","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02785","scoring_system":"epss","scoring_elements":"0.86138","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02785","scoring_system":"epss","scoring_elements":"0.86119","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000301"},{"reference_url":"https://curl.haxx.se/docs/adv_2018-b138.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://curl.haxx.se/docs/adv_2018-b138.html"},{"reference_url":"https://curl.se/docs/CVE-2018-1000301.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-1000301.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00010.html"},{"reference_url":"https://usn.ubuntu.com/3598-2/","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://usn.ubuntu.com/3598-2/"},{"reference_url":"https://www.debian.org/security/2018/dsa-4202","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://www.debian.org/security/2018/dsa-4202"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"reference_url":"http://www.securityfocus.com/bid/104225","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"http://www.securityfocus.com/bid/104225"},{"reference_url":"http://www.securitytracker.com/id/1040931","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"http://www.securitytracker.com/id/1040931"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1575536","reference_id":"1575536","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1575536"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856","reference_id":"898856","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898856"},{"reference_url":"https://security.archlinux.org/ASA-201805-13","reference_id":"ASA-201805-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-13"},{"reference_url":"https://security.archlinux.org/ASA-201805-14","reference_id":"ASA-201805-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-14"},{"reference_url":"https://security.archlinux.org/ASA-201805-15","reference_id":"ASA-201805-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-15"},{"reference_url":"https://security.archlinux.org/ASA-201805-16","reference_id":"ASA-201805-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-16"},{"reference_url":"https://security.archlinux.org/ASA-201805-17","reference_id":"ASA-201805-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-17"},{"reference_url":"https://security.archlinux.org/ASA-201805-18","reference_id":"ASA-201805-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-18"},{"reference_url":"https://security.archlinux.org/AVG-694","reference_id":"AVG-694","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-694"},{"reference_url":"https://security.archlinux.org/AVG-695","reference_id":"AVG-695","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-695"},{"reference_url":"https://security.archlinux.org/AVG-696","reference_id":"AVG-696","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-696"},{"reference_url":"https://security.archlinux.org/AVG-697","reference_id":"AVG-697","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-697"},{"reference_url":"https://security.archlinux.org/AVG-698","reference_id":"AVG-698","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-698"},{"reference_url":"https://security.archlinux.org/AVG-699","reference_id":"AVG-699","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-699"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000301","reference_id":"CVE-2018-1000301","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"},{"reference_url":"https://security.gentoo.org/glsa/201806-05","reference_id":"GLSA-201806-05","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://security.gentoo.org/glsa/201806-05"},{"reference_url":"https://usn.ubuntu.com/3648-1/","reference_id":"USN-3648-1","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:58:33Z/"}],"url":"https://usn.ubuntu.com/3648-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370794?format=json","purl":"pkg:generic/curl.se/curl@7.60.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9cbd-x468-rkaw"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.60.0"}],"aliases":["CVE-2018-1000301"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vt9-pf5q-uqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64299?format=json","vulnerability_id":"VCID-8zks-th64-33b8","summary":"curl: curl: Unauthorized access due to improper HTTP proxy connection reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3784","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03081","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03051","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03053","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03056","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03044","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03671","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03792","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03709","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03683","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03659","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06254","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06329","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06126","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06096","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06133","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06154","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3784"},{"reference_url":"https://curl.se/docs/CVE-2026-3784.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://curl.se/docs/CVE-2026-3784.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3584903","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://hackerone.com/reports/3584903"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446449","reference_id":"2446449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446449"},{"reference_url":"https://curl.se/docs/CVE-2026-3784.json","reference_id":"CVE-2026-3784.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://curl.se/docs/CVE-2026-3784.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370671?format=json","purl":"pkg:generic/curl.se/curl@8.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-acd8-mwm2-zka5"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0"}],"aliases":["CVE-2026-3784"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zks-th64-33b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57259?format=json","vulnerability_id":"VCID-9ggp-5wfj-ufcq","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43552","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27867","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28229","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28135","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28022","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27943","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27778","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27842","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42428","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42458","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42397","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42447","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42455","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42477","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4244","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42409","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42433","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43552"},{"reference_url":"https://curl.se/docs/CVE-2022-43552.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-43552.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1764858","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://hackerone.com/reports/1764858"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830","reference_id":"1026830","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Mar/17","reference_id":"17","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Mar/17"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152652","reference_id":"2152652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152652"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213670","reference_id":"HT213670","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://support.apple.com/kb/HT213670"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230214-0002/","reference_id":"ntap-20230214-0002","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230214-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2478","reference_id":"RHSA-2023:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2963","reference_id":"RHSA-2023:2963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7743","reference_id":"RHSA-2023:7743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5788-1/","reference_id":"USN-5788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5788-1/"},{"reference_url":"https://usn.ubuntu.com/5894-1/","reference_id":"USN-5894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370831?format=json","purl":"pkg:generic/curl.se/curl@7.87.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0"}],"aliases":["CVE-2022-43552"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ggp-5wfj-ufcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49278?format=json","vulnerability_id":"VCID-9nak-pscy-e7gs","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32221","reference_id":"","reference_type":"","scores":[{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.81888","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.81867","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.81849","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.81845","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.81913","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01681","scoring_system":"epss","scoring_elements":"0.82219","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01681","scoring_system":"epss","scoring_elements":"0.82218","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01681","scoring_system":"epss","scoring_elements":"0.82179","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01681","scoring_system":"epss","scoring_elements":"0.82185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01711","scoring_system":"epss","scoring_elements":"0.82397","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02591","scoring_system":"epss","scoring_elements":"0.85547","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02591","scoring_system":"epss","scoring_elements":"0.8553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02753","scoring_system":"epss","scoring_elements":"0.86012","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02753","scoring_system":"epss","scoring_elements":"0.85969","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02753","scoring_system":"epss","scoring_elements":"0.85988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02753","scoring_system":"epss","scoring_elements":"0.85998","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32221"},{"reference_url":"https://curl.se/docs/CVE-2022-32221.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-32221.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1704017","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://hackerone.com/reports/1704017"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/19","reference_id":"19","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/19"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135411","reference_id":"2135411","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135411"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/05/17/4","reference_id":"4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/05/17/4"},{"reference_url":"https://www.debian.org/security/2023/dsa-5330","reference_id":"dsa-5330","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://www.debian.org/security/2023/dsa-5330"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://support.apple.com/kb/HT213605","reference_id":"HT213605","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://support.apple.com/kb/HT213605"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230110-0006/","reference_id":"ntap-20230110-0006","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230110-0006/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230208-0002/","reference_id":"ntap-20230208-0002","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230208-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0333","reference_id":"RHSA-2023:0333","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0333"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4139","reference_id":"RHSA-2023:4139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4139"},{"reference_url":"https://usn.ubuntu.com/5702-1/","reference_id":"USN-5702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-1/"},{"reference_url":"https://usn.ubuntu.com/5702-2/","reference_id":"USN-5702-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-2/"},{"reference_url":"https://usn.ubuntu.com/5823-1/","reference_id":"USN-5823-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5823-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370830?format=json","purl":"pkg:generic/curl.se/curl@7.86.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0"}],"aliases":["CVE-2022-32221"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nak-pscy-e7gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/164220?format=json","vulnerability_id":"VCID-a9b6-m25r-kygw","summary":"The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by \"*.com.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9952","reference_id":"","reference_type":"","scores":[{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68889","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68968","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68933","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.7708","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77072","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77107","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77114","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77128","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.76983","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77012","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.76993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77025","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77035","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.76977","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77037","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77078","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9952"},{"reference_url":"https://curl.se/docs/CVE-2016-9952.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-9952.html"},{"reference_url":"https://curl.haxx.se/docs/adv_20161221B.html","reference_id":"adv_20161221B.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/"}],"url":"https://curl.haxx.se/docs/adv_20161221B.html"},{"reference_url":"https://curl.haxx.se/CVE-2016-9952.patch","reference_id":"CVE-2016-9952.patch","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:19:07Z/"}],"url":"https://curl.haxx.se/CVE-2016-9952.patch"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370781?format=json","purl":"pkg:generic/curl.se/curl@7.52.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-36n6-qanf-nue8"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-hyqp-z8hb-fqbt"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-q3hu-8uy5-e3a4"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0"}],"aliases":["CVE-2016-9952"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-m25r-kygw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59713?format=json","vulnerability_id":"VCID-ae59-w7a1-7keg","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2486","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000254","reference_id":"","reference_type":"","scores":[{"value":"0.01178","scoring_system":"epss","scoring_elements":"0.78736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01178","scoring_system":"epss","scoring_elements":"0.78727","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79998","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79891","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79892","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79894","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79923","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79929","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79946","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79961","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01318","scoring_system":"epss","scoring_elements":"0.79983","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01348","scoring_system":"epss","scoring_elements":"0.80036","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01348","scoring_system":"epss","scoring_elements":"0.80043","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01348","scoring_system":"epss","scoring_elements":"0.80064","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01348","scoring_system":"epss","scoring_elements":"0.80053","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01348","scoring_system":"epss","scoring_elements":"0.80081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01348","scoring_system":"epss","scoring_elements":"0.80089","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01348","scoring_system":"epss","scoring_elements":"0.80109","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000254"},{"reference_url":"https://curl.haxx.se/673d0cd8.patch","reference_id":"","reference_type":"","scores":[],"url":"https://curl.haxx.se/673d0cd8.patch"},{"reference_url":"https://curl.haxx.se/docs/adv_20171004.html","reference_id":"","reference_type":"","scores":[],"url":"https://curl.haxx.se/docs/adv_20171004.html"},{"reference_url":"https://curl.se/docs/CVE-2017-1000254.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2017-1000254.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://support.apple.com/HT208331","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT208331"},{"reference_url":"http://www.debian.org/security/2017/dsa-3992","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3992"},{"reference_url":"http://www.securityfocus.com/bid/101115","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101115"},{"reference_url":"http://www.securitytracker.com/id/1039509","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039509"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495541","reference_id":"1495541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495541"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671","reference_id":"877671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877671"},{"reference_url":"https://security.archlinux.org/ASA-201710-2","reference_id":"ASA-201710-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-2"},{"reference_url":"https://security.archlinux.org/ASA-201710-3","reference_id":"ASA-201710-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-3"},{"reference_url":"https://security.archlinux.org/ASA-201710-4","reference_id":"ASA-201710-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-4"},{"reference_url":"https://security.archlinux.org/ASA-201710-5","reference_id":"ASA-201710-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-5"},{"reference_url":"https://security.archlinux.org/ASA-201710-6","reference_id":"ASA-201710-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-6"},{"reference_url":"https://security.archlinux.org/ASA-201710-7","reference_id":"ASA-201710-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-7"},{"reference_url":"https://security.archlinux.org/AVG-371","reference_id":"AVG-371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-371"},{"reference_url":"https://security.archlinux.org/AVG-386","reference_id":"AVG-386","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-386"},{"reference_url":"https://security.archlinux.org/AVG-387","reference_id":"AVG-387","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-387"},{"reference_url":"https://security.archlinux.org/AVG-388","reference_id":"AVG-388","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-388"},{"reference_url":"https://security.archlinux.org/AVG-389","reference_id":"AVG-389","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-389"},{"reference_url":"https://security.archlinux.org/AVG-422","reference_id":"AVG-422","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-422"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000254","reference_id":"CVE-2017-1000254","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000254"},{"reference_url":"https://security.gentoo.org/glsa/201712-04","reference_id":"GLSA-201712-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201712-04"},{"reference_url":"https://usn.ubuntu.com/3441-1/","reference_id":"USN-3441-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-1/"},{"reference_url":"https://usn.ubuntu.com/3441-2/","reference_id":"USN-3441-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370789?format=json","purl":"pkg:generic/curl.se/curl@7.56.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-drkp-q9r5-ukcm"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.56.0"}],"aliases":["CVE-2017-1000254"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ae59-w7a1-7keg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57263?format=json","vulnerability_id":"VCID-arjz-67yz-wkg9","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27533","reference_id":"","reference_type":"","scores":[{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38404","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38719","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38554","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38529","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38441","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38323","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38394","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40439","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40465","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.4044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40451","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40472","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40434","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40415","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40463","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.4427","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27533"},{"reference_url":"https://curl.se/docs/CVE-2023-27533.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27533.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1891474","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://hackerone.com/reports/1891474"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179062","reference_id":"2179062","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179062"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0011/","reference_id":"ntap-20230420-0011","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"},{"reference_url":"https://usn.ubuntu.com/5964-2/","reference_id":"USN-5964-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370834?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27533"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-arjz-67yz-wkg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49271?format=json","vulnerability_id":"VCID-bb2f-7qrm-1kca","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27781.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27781","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22843","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23013","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23066","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23085","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23049","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22992","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23006","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22998","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22961","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22794","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22789","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22782","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22682","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22767","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23104","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23149","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2294","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27781"},{"reference_url":"https://curl.se/docs/CVE-2022-27781.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-27781.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1555441","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/"}],"url":"https://hackerone.com/reports/1555441"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082204","reference_id":"2082204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082204"},{"reference_url":"https://security.archlinux.org/AVG-2706","reference_id":"AVG-2706","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2706"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220609-0009/","reference_id":"ntap-20220609-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:02:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220609-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5412-1/","reference_id":"USN-5412-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5412-1/"},{"reference_url":"https://usn.ubuntu.com/5499-1/","reference_id":"USN-5499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370827?format=json","purl":"pkg:generic/curl.se/curl@7.83.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.1"}],"aliases":["CVE-2022-27781"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bb2f-7qrm-1kca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354617?format=json","vulnerability_id":"VCID-bgdk-ebn7-eycn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json"},{"reference_url":"https://curl.se/docs/CVE-2026-5545.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-5545.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3642555","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3642555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461204","reference_id":"2461204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088653?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-5545"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgdk-ebn7-eycn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59715?format=json","vulnerability_id":"VCID-bhvd-ntxz-dkg4","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8816","reference_id":"","reference_type":"","scores":[{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63888","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63857","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63848","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63812","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.6386","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63846","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63829","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63794","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63821","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63733","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63936","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64492","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64504","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64478","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8816"},{"reference_url":"https://curl.haxx.se/docs/adv_2017-12e7.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"https://curl.haxx.se/docs/adv_2017-12e7.html"},{"reference_url":"https://curl.se/docs/CVE-2017-8816.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2017-8816.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817"},{"reference_url":"http://security.cucumberlinux.com/security/details.php?id=161","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"http://security.cucumberlinux.com/security/details.php?id=161"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-4051","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"https://www.debian.org/security/2017/dsa-4051"},{"reference_url":"http://www.securityfocus.com/bid/101998","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"http://www.securityfocus.com/bid/101998"},{"reference_url":"http://www.securitytracker.com/id/1039896","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"http://www.securitytracker.com/id/1039896"},{"reference_url":"http://www.securitytracker.com/id/1040608","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"http://www.securitytracker.com/id/1040608"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1515757","reference_id":"1515757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1515757"},{"reference_url":"https://security.archlinux.org/ASA-201711-36","reference_id":"ASA-201711-36","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-36"},{"reference_url":"https://security.archlinux.org/ASA-201711-37","reference_id":"ASA-201711-37","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-37"},{"reference_url":"https://security.archlinux.org/ASA-201711-38","reference_id":"ASA-201711-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-38"},{"reference_url":"https://security.archlinux.org/AVG-521","reference_id":"AVG-521","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-521"},{"reference_url":"https://security.archlinux.org/AVG-522","reference_id":"AVG-522","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-522"},{"reference_url":"https://security.archlinux.org/AVG-523","reference_id":"AVG-523","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-523"},{"reference_url":"https://security.archlinux.org/AVG-527","reference_id":"AVG-527","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-527"},{"reference_url":"https://security.archlinux.org/AVG-528","reference_id":"AVG-528","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-528"},{"reference_url":"https://security.archlinux.org/AVG-529","reference_id":"AVG-529","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-529"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8816","reference_id":"CVE-2017-8816","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8816"},{"reference_url":"https://security.gentoo.org/glsa/201712-04","reference_id":"GLSA-201712-04","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:01:08Z/"}],"url":"https://security.gentoo.org/glsa/201712-04"},{"reference_url":"https://usn.ubuntu.com/3498-1/","reference_id":"USN-3498-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3498-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370791?format=json","purl":"pkg:generic/curl.se/curl@7.57.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.57.0"}],"aliases":["CVE-2017-8816"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhvd-ntxz-dkg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49701?format=json","vulnerability_id":"VCID-bv57-gvfs-qfhj","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000121.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000121","reference_id":"","reference_type":"","scores":[{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86848","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.87008","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86919","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86924","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86942","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86947","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86952","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86973","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.8699","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86858","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86877","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86872","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.869","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86913","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03154","scoring_system":"epss","scoring_elements":"0.86908","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000121"},{"reference_url":"https://curl.se/docs/CVE-2018-1000121.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-1000121.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552631","reference_id":"1552631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552631"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546","reference_id":"893546","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546"},{"reference_url":"https://security.archlinux.org/ASA-201803-15","reference_id":"ASA-201803-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-15"},{"reference_url":"https://security.archlinux.org/ASA-201803-16","reference_id":"ASA-201803-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-16"},{"reference_url":"https://security.archlinux.org/ASA-201803-17","reference_id":"ASA-201803-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-17"},{"reference_url":"https://security.archlinux.org/ASA-201803-18","reference_id":"ASA-201803-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-18"},{"reference_url":"https://security.archlinux.org/ASA-201803-19","reference_id":"ASA-201803-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-19"},{"reference_url":"https://security.archlinux.org/ASA-201803-20","reference_id":"ASA-201803-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-20"},{"reference_url":"https://security.archlinux.org/AVG-653","reference_id":"AVG-653","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-653"},{"reference_url":"https://security.archlinux.org/AVG-654","reference_id":"AVG-654","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-654"},{"reference_url":"https://security.archlinux.org/AVG-655","reference_id":"AVG-655","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-655"},{"reference_url":"https://security.archlinux.org/AVG-656","reference_id":"AVG-656","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-656"},{"reference_url":"https://security.archlinux.org/AVG-660","reference_id":"AVG-660","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-660"},{"reference_url":"https://security.archlinux.org/AVG-661","reference_id":"AVG-661","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-661"},{"reference_url":"https://security.gentoo.org/glsa/201804-04","reference_id":"GLSA-201804-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370793?format=json","purl":"pkg:generic/curl.se/curl@7.59.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9cbd-x468-rkaw"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0"}],"aliases":["CVE-2018-1000121"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv57-gvfs-qfhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34704?format=json","vulnerability_id":"VCID-c6dk-7gj6-7far","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8623","reference_id":"","reference_type":"","scores":[{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.7467","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74617","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74707","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74662","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74699","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74621","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74647","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74653","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.74667","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.7469","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.7523","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0114","scoring_system":"epss","scoring_elements":"0.78545","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0114","scoring_system":"epss","scoring_elements":"0.78528","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.7877","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01197","scoring_system":"epss","scoring_elements":"0.78965","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01197","scoring_system":"epss","scoring_elements":"0.78941","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01197","scoring_system":"epss","scoring_elements":"0.78949","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8623"},{"reference_url":"https://curl.se/docs/CVE-2016-8623.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8623.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037192","reference_id":"1037192","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/"}],"url":"http://www.securitytracker.com/id/1037192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388388","reference_id":"1388388","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388388"},{"reference_url":"http://www.securityfocus.com/bid/94106","reference_id":"94106","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/"}],"url":"http://www.securityfocus.com/bid/94106"},{"reference_url":"https://curl.haxx.se/docs/adv_20161102I.html","reference_id":"adv_20161102I.html","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/"}],"url":"https://curl.haxx.se/docs/adv_20161102I.html"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://curl.haxx.se/CVE-2016-8623.patch","reference_id":"CVE-2016-8623.patch","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/"}],"url":"https://curl.haxx.se/CVE-2016-8623.patch"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623","reference_id":"show_bug.cgi?id=CVE-2016-8623","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:46:38Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8623"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c6dk-7gj6-7far"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16997?format=json","vulnerability_id":"VCID-cbah-e86c-w3fj","summary":"Improper Authentication\nAn authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27535","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10852","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10803","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10758","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10679","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10644","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20295","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20386","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20341","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20236","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20231","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20226","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20446","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.2017","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20251","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20311","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27535"},{"reference_url":"https://curl.se/docs/CVE-2023-27535.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27535.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1892780","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://hackerone.com/reports/1892780"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179073","reference_id":"2179073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179073"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27535","reference_id":"CVE-2023-27535","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27535"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0010/","reference_id":"ntap-20230420-0010","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2650","reference_id":"RHSA-2023:2650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3106","reference_id":"RHSA-2023:3106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"},{"reference_url":"https://usn.ubuntu.com/5964-2/","reference_id":"USN-5964-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370834?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27535"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbah-e86c-w3fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49702?format=json","vulnerability_id":"VCID-cbph-fu9d-gbah","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000122.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000122","reference_id":"","reference_type":"","scores":[{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83368","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83568","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.8347","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83471","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83501","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83503","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83528","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.8355","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83381","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83396","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.8342","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.8343","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83439","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01942","scoring_system":"epss","scoring_elements":"0.83435","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000122"},{"reference_url":"https://curl.se/docs/CVE-2018-1000122.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-1000122.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553398","reference_id":"1553398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553398"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546","reference_id":"893546","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546"},{"reference_url":"https://security.archlinux.org/ASA-201803-15","reference_id":"ASA-201803-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-15"},{"reference_url":"https://security.archlinux.org/ASA-201803-16","reference_id":"ASA-201803-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-16"},{"reference_url":"https://security.archlinux.org/ASA-201803-17","reference_id":"ASA-201803-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-17"},{"reference_url":"https://security.archlinux.org/ASA-201803-18","reference_id":"ASA-201803-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-18"},{"reference_url":"https://security.archlinux.org/ASA-201803-19","reference_id":"ASA-201803-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-19"},{"reference_url":"https://security.archlinux.org/ASA-201803-20","reference_id":"ASA-201803-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-20"},{"reference_url":"https://security.archlinux.org/AVG-653","reference_id":"AVG-653","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-653"},{"reference_url":"https://security.archlinux.org/AVG-654","reference_id":"AVG-654","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-654"},{"reference_url":"https://security.archlinux.org/AVG-655","reference_id":"AVG-655","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-655"},{"reference_url":"https://security.archlinux.org/AVG-656","reference_id":"AVG-656","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-656"},{"reference_url":"https://security.archlinux.org/AVG-660","reference_id":"AVG-660","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-660"},{"reference_url":"https://security.archlinux.org/AVG-661","reference_id":"AVG-661","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-661"},{"reference_url":"https://security.gentoo.org/glsa/201804-04","reference_id":"GLSA-201804-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370793?format=json","purl":"pkg:generic/curl.se/curl@7.59.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9cbd-x468-rkaw"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0"}],"aliases":["CVE-2018-1000122"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbph-fu9d-gbah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46198?format=json","vulnerability_id":"VCID-cp4n-p2z3-43b4","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in information disclosure or data loss.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8177.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8177","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05237","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05168","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05123","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05272","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05283","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05279","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05013","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05549","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0557","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05545","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05532","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05526","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05476","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05486","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05444","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05514","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8177"},{"reference_url":"https://curl.se/docs/CVE-2020-8177.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/"}],"url":"https://curl.se/docs/CVE-2020-8177.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/887462","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/"}],"url":"https://hackerone.com/reports/887462"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847915","reference_id":"1847915","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847915"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281","reference_id":"965281","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965281"},{"reference_url":"https://security.archlinux.org/AVG-1194","reference_id":"AVG-1194","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1194"},{"reference_url":"https://www.debian.org/security/2021/dsa-4881","reference_id":"dsa-4881","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T21:05:17Z/"}],"url":"https://www.debian.org/security/2021/dsa-4881"},{"reference_url":"https://security.gentoo.org/glsa/202007-16","reference_id":"GLSA-202007-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4599","reference_id":"RHSA-2020:4599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5002","reference_id":"RHSA-2020:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5417","reference_id":"RHSA-2020:5417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"},{"reference_url":"https://usn.ubuntu.com/4402-1/","reference_id":"USN-4402-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4402-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370811?format=json","purl":"pkg:generic/curl.se/curl@7.71.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.71.0"}],"aliases":["CVE-2020-8177"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cp4n-p2z3-43b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49262?format=json","vulnerability_id":"VCID-dc3c-3wab-57gh","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22926.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22926","reference_id":"","reference_type":"","scores":[{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.70966","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71175","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.711","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71139","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.70976","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.70993","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.70968","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.7101","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71025","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71048","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71032","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71016","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71062","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71069","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71049","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71104","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71113","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71118","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22926"},{"reference_url":"https://curl.se/docs/CVE-2021-22926.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22926.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1234760","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1234760"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016088","reference_id":"2016088","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016088"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202212-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370820?format=json","purl":"pkg:generic/curl.se/curl@7.78.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0"}],"aliases":["CVE-2021-22926"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dc3c-3wab-57gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57267?format=json","vulnerability_id":"VCID-ddgz-rczw-jqfw","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28320","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67593","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67504","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67581","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67546","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67579","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67592","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6757","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67526","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67556","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70732","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70622","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70673","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70682","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70659","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70699","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28320"},{"reference_url":"https://curl.se/docs/CVE-2023-28320.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28320.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1929597","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://hackerone.com/reports/1929597"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196783","reference_id":"2196783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196783"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370836?format=json","purl":"pkg:generic/curl.se/curl@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0"}],"aliases":["CVE-2023-28320"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ddgz-rczw-jqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15716?format=json","vulnerability_id":"VCID-dgtq-eaav-jyhf","summary":"Out-of-bounds Write\nA buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0327","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2019:0327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3157","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1543","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0544","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0594","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0594"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000120.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000120","reference_id":"","reference_type":"","scores":[{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81496","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81302","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81312","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81334","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81332","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81361","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81366","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81387","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81365","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81402","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81403","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81426","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81434","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81438","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81455","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0154","scoring_system":"epss","scoring_elements":"0.81475","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000120"},{"reference_url":"https://curl.haxx.se/docs/adv_2018-9cd6.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://curl.haxx.se/docs/adv_2018-9cd6.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/coapp-packages/curl","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/coapp-packages/curl"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html"},{"reference_url":"https://usn.ubuntu.com/3598-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3598-1"},{"reference_url":"https://usn.ubuntu.com/3598-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3598-1/"},{"reference_url":"https://usn.ubuntu.com/3598-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3598-2"},{"reference_url":"https://usn.ubuntu.com/3598-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3598-2/"},{"reference_url":"https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201220134105/http://www.securitytracker.com/id/1040531"},{"reference_url":"https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201220134609/http://www.securityfocus.com/bid/103414"},{"reference_url":"https://www.debian.org/security/2018/dsa-4136","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4136"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552628","reference_id":"1552628","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546","reference_id":"893546","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893546"},{"reference_url":"https://security.archlinux.org/ASA-201803-15","reference_id":"ASA-201803-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-15"},{"reference_url":"https://security.archlinux.org/ASA-201803-16","reference_id":"ASA-201803-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-16"},{"reference_url":"https://security.archlinux.org/ASA-201803-17","reference_id":"ASA-201803-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-17"},{"reference_url":"https://security.archlinux.org/ASA-201803-18","reference_id":"ASA-201803-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-18"},{"reference_url":"https://security.archlinux.org/ASA-201803-19","reference_id":"ASA-201803-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-19"},{"reference_url":"https://security.archlinux.org/ASA-201803-20","reference_id":"ASA-201803-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-20"},{"reference_url":"https://security.archlinux.org/AVG-653","reference_id":"AVG-653","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-653"},{"reference_url":"https://security.archlinux.org/AVG-654","reference_id":"AVG-654","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-654"},{"reference_url":"https://security.archlinux.org/AVG-655","reference_id":"AVG-655","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-655"},{"reference_url":"https://security.archlinux.org/AVG-656","reference_id":"AVG-656","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-656"},{"reference_url":"https://security.archlinux.org/AVG-660","reference_id":"AVG-660","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-660"},{"reference_url":"https://security.archlinux.org/AVG-661","reference_id":"AVG-661","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-661"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000120","reference_id":"CVE-2018-1000120","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"},{"reference_url":"https://curl.se/docs/CVE-2018-1000120.html","reference_id":"CVE-2018-1000120.HTML","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-1000120.html"},{"reference_url":"https://github.com/advisories/GHSA-674j-7m97-j2p9","reference_id":"GHSA-674j-7m97-j2p9","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-674j-7m97-j2p9"},{"reference_url":"https://security.gentoo.org/glsa/201804-04","reference_id":"GLSA-201804-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370793?format=json","purl":"pkg:generic/curl.se/curl@7.59.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9cbd-x468-rkaw"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.59.0"}],"aliases":["CVE-2018-1000120","GHSA-674j-7m97-j2p9"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgtq-eaav-jyhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34705?format=json","vulnerability_id":"VCID-e58m-g37d-9fd6","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8624","reference_id":"","reference_type":"","scores":[{"value":"0.01327","scoring_system":"epss","scoring_elements":"0.80039","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01327","scoring_system":"epss","scoring_elements":"0.80054","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80104","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80023","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.8003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80052","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80042","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80069","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80078","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80098","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80082","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80073","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80102","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80276","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01383","scoring_system":"epss","scoring_elements":"0.80366","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01383","scoring_system":"epss","scoring_elements":"0.80372","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01383","scoring_system":"epss","scoring_elements":"0.80389","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8624"},{"reference_url":"https://curl.se/docs/CVE-2016-8624.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8624.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037192","reference_id":"1037192","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/"}],"url":"http://www.securitytracker.com/id/1037192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388390","reference_id":"1388390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388390"},{"reference_url":"http://www.securityfocus.com/bid/94103","reference_id":"94103","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/"}],"url":"http://www.securityfocus.com/bid/94103"},{"reference_url":"https://curl.haxx.se/docs/adv_20161102J.html","reference_id":"adv_20161102J.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/"}],"url":"https://curl.haxx.se/docs/adv_20161102J.html"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E","reference_id":"rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/"}],"url":"https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5%40%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624","reference_id":"show_bug.cgi?id=CVE-2016-8624","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:39:44Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8624"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8624"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e58m-g37d-9fd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64300?format=json","vulnerability_id":"VCID-etzn-uhck-h7b2","summary":"curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3783","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03544","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03496","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03509","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0352","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03521","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.035","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04152","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04277","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04144","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06577","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06641","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06421","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06397","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06431","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0645","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3783"},{"reference_url":"https://curl.se/docs/CVE-2026-3783.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://curl.se/docs/CVE-2026-3783.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3583983","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://hackerone.com/reports/3583983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446450","reference_id":"2446450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446450"},{"reference_url":"https://curl.se/docs/CVE-2026-3783.json","reference_id":"CVE-2026-3783.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://curl.se/docs/CVE-2026-3783.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370671?format=json","purl":"pkg:generic/curl.se/curl@8.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-acd8-mwm2-zka5"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0"}],"aliases":["CVE-2026-3783"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-etzn-uhck-h7b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34707?format=json","vulnerability_id":"VCID-fnj3-2du1-4bhx","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9586","reference_id":"","reference_type":"","scores":[{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75624","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.7562","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75582","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.7559","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75492","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75629","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75525","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75506","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75548","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75557","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75578","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75494","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00936","scoring_system":"epss","scoring_elements":"0.76277","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00936","scoring_system":"epss","scoring_elements":"0.76306","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00936","scoring_system":"epss","scoring_elements":"0.76326","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9586"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9586"},{"reference_url":"https://curl.haxx.se/docs/adv_20161221A.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://curl.haxx.se/docs/adv_20161221A.html"},{"reference_url":"https://curl.se/docs/CVE-2016-9586.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-9586.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:N/I:N/A:P"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://github.com/curl/curl/commit/curl-7_51_0-162-g3ab3c16"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"reference_url":"http://www.securityfocus.com/bid/95019","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"http://www.securityfocus.com/bid/95019"},{"reference_url":"http://www.securitytracker.com/id/1037515","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"http://www.securitytracker.com/id/1037515"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406712","reference_id":"1406712","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406712"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958","reference_id":"848958","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848958"},{"reference_url":"https://security.archlinux.org/ASA-201612-22","reference_id":"ASA-201612-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-22"},{"reference_url":"https://security.archlinux.org/ASA-201701-10","reference_id":"ASA-201701-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-10"},{"reference_url":"https://security.archlinux.org/ASA-201701-11","reference_id":"ASA-201701-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-11"},{"reference_url":"https://security.archlinux.org/ASA-201701-7","reference_id":"ASA-201701-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-7"},{"reference_url":"https://security.archlinux.org/ASA-201701-8","reference_id":"ASA-201701-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-8"},{"reference_url":"https://security.archlinux.org/ASA-201701-9","reference_id":"ASA-201701-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-9"},{"reference_url":"https://security.archlinux.org/AVG-112","reference_id":"AVG-112","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-112"},{"reference_url":"https://security.archlinux.org/AVG-113","reference_id":"AVG-113","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-113"},{"reference_url":"https://security.archlinux.org/AVG-114","reference_id":"AVG-114","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-114"},{"reference_url":"https://security.archlinux.org/AVG-115","reference_id":"AVG-115","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-115"},{"reference_url":"https://security.archlinux.org/AVG-116","reference_id":"AVG-116","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-116"},{"reference_url":"https://security.archlinux.org/AVG-117","reference_id":"AVG-117","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-117"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9586","reference_id":"CVE-2016-9586","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9586"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:03:41Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://usn.ubuntu.com/3441-1/","reference_id":"USN-3441-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-1/"},{"reference_url":"https://usn.ubuntu.com/3441-2/","reference_id":"USN-3441-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370781?format=json","purl":"pkg:generic/curl.se/curl@7.52.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-36n6-qanf-nue8"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-hyqp-z8hb-fqbt"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-q3hu-8uy5-e3a4"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0"}],"aliases":["CVE-2016-9586"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fnj3-2du1-4bhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49713?format=json","vulnerability_id":"VCID-fp65-97n1-xuaj","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow attackers to bypass intended restrictions.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000100","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68638","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68601","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70021","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.703","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.70305","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.70307","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00818","scoring_system":"epss","scoring_elements":"0.744","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00818","scoring_system":"epss","scoring_elements":"0.74392","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76475","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76442","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76457","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76489","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76501","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76527","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.76506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.765","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00962","scoring_system":"epss","scoring_elements":"0.7654","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000100"},{"reference_url":"https://curl.haxx.se/docs/adv_20170809B.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/"}],"url":"https://curl.haxx.se/docs/adv_20170809B.html"},{"reference_url":"https://curl.se/docs/CVE-2017-1000100.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2017-1000100.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:N/A:N"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://support.apple.com/HT208221","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/"}],"url":"https://support.apple.com/HT208221"},{"reference_url":"http://www.debian.org/security/2017/dsa-3992","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/"}],"url":"http://www.debian.org/security/2017/dsa-3992"},{"reference_url":"http://www.securityfocus.com/bid/100286","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/"}],"url":"http://www.securityfocus.com/bid/100286"},{"reference_url":"http://www.securitytracker.com/id/1039118","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/"}],"url":"http://www.securitytracker.com/id/1039118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478310","reference_id":"1478310","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478310"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555","reference_id":"871555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555"},{"reference_url":"https://security.archlinux.org/ASA-201708-16","reference_id":"ASA-201708-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-16"},{"reference_url":"https://security.archlinux.org/ASA-201710-3","reference_id":"ASA-201710-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-3"},{"reference_url":"https://security.archlinux.org/ASA-201710-4","reference_id":"ASA-201710-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-4"},{"reference_url":"https://security.archlinux.org/ASA-201710-5","reference_id":"ASA-201710-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-5"},{"reference_url":"https://security.archlinux.org/ASA-201710-6","reference_id":"ASA-201710-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-6"},{"reference_url":"https://security.archlinux.org/ASA-201710-7","reference_id":"ASA-201710-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-7"},{"reference_url":"https://security.archlinux.org/AVG-370","reference_id":"AVG-370","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-370"},{"reference_url":"https://security.archlinux.org/AVG-371","reference_id":"AVG-371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-371"},{"reference_url":"https://security.archlinux.org/AVG-386","reference_id":"AVG-386","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-386"},{"reference_url":"https://security.archlinux.org/AVG-387","reference_id":"AVG-387","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-387"},{"reference_url":"https://security.archlinux.org/AVG-388","reference_id":"AVG-388","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-388"},{"reference_url":"https://security.archlinux.org/AVG-389","reference_id":"AVG-389","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-389"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000100","reference_id":"CVE-2017-1000100","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"},{"reference_url":"https://security.gentoo.org/glsa/201709-14","reference_id":"GLSA-201709-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/"}],"url":"https://security.gentoo.org/glsa/201709-14"},{"reference_url":"https://usn.ubuntu.com/3441-1/","reference_id":"USN-3441-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-1/"},{"reference_url":"https://usn.ubuntu.com/3441-2/","reference_id":"USN-3441-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370787?format=json","purl":"pkg:generic/curl.se/curl@7.55.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.55.0"}],"aliases":["CVE-2017-1000100"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fp65-97n1-xuaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354618?format=json","vulnerability_id":"VCID-g4jw-azg9-gqbs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json"},{"reference_url":"https://curl.se/docs/CVE-2026-5773.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-5773.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3650689","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3650689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461201","reference_id":"2461201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088653?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-5773"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g4jw-azg9-gqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61667?format=json","vulnerability_id":"VCID-ggt7-eejg-xfb6","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22876","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20928","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20925","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21078","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21003","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20987","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21131","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20845","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29919","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30034","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30106","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30149","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30169","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30153","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30201","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29781","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29769","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29703","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29849","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22876"},{"reference_url":"https://curl.se/docs/CVE-2021-22876.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://curl.se/docs/CVE-2021-22876.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1101882","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://hackerone.com/reports/1101882"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941964","reference_id":"1941964","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941964"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/","reference_id":"2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269","reference_id":"986269","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269"},{"reference_url":"https://security.archlinux.org/AVG-1753","reference_id":"AVG-1753","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1753"},{"reference_url":"https://security.archlinux.org/AVG-1754","reference_id":"AVG-1754","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1754"},{"reference_url":"https://security.archlinux.org/AVG-1755","reference_id":"AVG-1755","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1755"},{"reference_url":"https://security.archlinux.org/AVG-1756","reference_id":"AVG-1756","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1756"},{"reference_url":"https://security.archlinux.org/AVG-1757","reference_id":"AVG-1757","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1757"},{"reference_url":"https://security.archlinux.org/AVG-1758","reference_id":"AVG-1758","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1758"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22876","reference_id":"CVE-2021-22876","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22876"},{"reference_url":"https://security.gentoo.org/glsa/202105-36","reference_id":"GLSA-202105-36","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://security.gentoo.org/glsa/202105-36"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/","reference_id":"ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/","reference_id":"KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html","reference_id":"msg00019.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210521-0007/","reference_id":"ntap-20210521-0007","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210521-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4511","reference_id":"RHSA-2021:4511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1354","reference_id":"RHSA-2022:1354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1354"},{"reference_url":"https://usn.ubuntu.com/4898-1/","reference_id":"USN-4898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4898-1/"},{"reference_url":"https://usn.ubuntu.com/4903-1/","reference_id":"USN-4903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370817?format=json","purl":"pkg:generic/curl.se/curl@7.76.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-38mv-usbe-z7hd"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.76.0"}],"aliases":["CVE-2021-22876"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggt7-eejg-xfb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19507?format=json","vulnerability_id":"VCID-gnx2-djyk-uyaf","summary":"Cookie injection with none file\nThis flaw allows an attacker to insert cookies at will into a running program\nusing libcurl, if the specific series of conditions are met.\n\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\nthat are the individual handles for single transfers.\n\nlibcurl provides a function call that duplicates en easy handle called\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\n\nIf a transfer has cookies enabled when the handle is duplicated, the\ncookie-enable state is also cloned - but without cloning the actual\ncookies. If the source handle does not read any cookies from a specific file on\ndisk, the cloned version of the handle would instead store the file name as\n`none` (using the four ASCII letters, no quotes).\n\nSubsequent use of the cloned handle that does not explicitly set a source to\nload cookies from would then inadvertently load cookies from a file named\n`none` - if such a file exists and is readable in the current directory of the\nprogram using libcurl. And if using the correct file format of course.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38546","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48957","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48964","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48991","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48944","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48998","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48995","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49012","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48985","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49036","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49032","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48994","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4895","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48867","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4893","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49733","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2148242","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/2148242"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241938","reference_id":"2241938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241938"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/34","reference_id":"34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/34"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/37","reference_id":"37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/37"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/38","reference_id":"38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/38"},{"reference_url":"https://security.archlinux.org/AVG-2845","reference_id":"AVG-2845","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2845"},{"reference_url":"https://security.archlinux.org/AVG-2846","reference_id":"AVG-2846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2846"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38546","reference_id":"CVE-2023-38546","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38546"},{"reference_url":"https://curl.se/docs/CVE-2023-38546.html","reference_id":"CVE-2023-38546.HTML","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://curl.se/docs/CVE-2023-38546.html"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT214036","reference_id":"HT214036","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214036"},{"reference_url":"https://support.apple.com/kb/HT214057","reference_id":"HT214057","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214057"},{"reference_url":"https://support.apple.com/kb/HT214058","reference_id":"HT214058","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214058"},{"reference_url":"https://support.apple.com/kb/HT214063","reference_id":"HT214063","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214063"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/","reference_id":"OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5700","reference_id":"RHSA-2023:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5763","reference_id":"RHSA-2023:5763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6292","reference_id":"RHSA-2023:6292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6745","reference_id":"RHSA-2023:6745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7540","reference_id":"RHSA-2023:7540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7625","reference_id":"RHSA-2023:7625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1601","reference_id":"RHSA-2024:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2092","reference_id":"RHSA-2024:2092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2093","reference_id":"RHSA-2024:2093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2101","reference_id":"RHSA-2024:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2101"},{"reference_url":"https://usn.ubuntu.com/6429-1/","reference_id":"USN-6429-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-1/"},{"reference_url":"https://usn.ubuntu.com/6429-2/","reference_id":"USN-6429-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-2/"},{"reference_url":"https://usn.ubuntu.com/6429-3/","reference_id":"USN-6429-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-3/"},{"reference_url":"https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868","reference_id":"viewtopic.php?f=8&t=8868","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370842?format=json","purl":"pkg:generic/curl.se/curl@8.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0"}],"aliases":["CVE-2023-38546"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gnx2-djyk-uyaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/164221?format=json","vulnerability_id":"VCID-hj8v-tgnn-mfdw","summary":"The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9953","reference_id":"","reference_type":"","scores":[{"value":"0.01096","scoring_system":"epss","scoring_elements":"0.78129","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01096","scoring_system":"epss","scoring_elements":"0.78086","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01096","scoring_system":"epss","scoring_elements":"0.78113","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.82973","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.82998","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83021","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83015","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.82946","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83049","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83048","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83074","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83082","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83089","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.8301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.82963","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.82976","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9953"},{"reference_url":"https://curl.se/docs/CVE-2016-9953.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-9953.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370781?format=json","purl":"pkg:generic/curl.se/curl@7.52.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-36n6-qanf-nue8"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-hyqp-z8hb-fqbt"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-q3hu-8uy5-e3a4"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.52.0"}],"aliases":["CVE-2016-9953"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hj8v-tgnn-mfdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73974?format=json","vulnerability_id":"VCID-hrsy-694u-2fec","summary":"curl: OCSP stapling bypass with GnuTLS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8096","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66729","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66629","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66644","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6663","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66655","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66669","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66643","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66687","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66562","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66587","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66559","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66606","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6662","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66638","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66626","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8096"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310519","reference_id":"2310519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310519"},{"reference_url":"https://hackerone.com/reports/2669852","reference_id":"2669852","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://hackerone.com/reports/2669852"},{"reference_url":"https://curl.se/docs/CVE-2024-8096.html","reference_id":"CVE-2024-8096.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://curl.se/docs/CVE-2024-8096.html"},{"reference_url":"https://curl.se/docs/CVE-2024-8096.json","reference_id":"CVE-2024-8096.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://curl.se/docs/CVE-2024-8096.json"},{"reference_url":"https://usn.ubuntu.com/7012-1/","reference_id":"USN-7012-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7012-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370850?format=json","purl":"pkg:generic/curl.se/curl@8.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-176a-agbw-hqdy"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9mjz-apkm-g7h1"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-kt4b-7ffh-4bch"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.10.0"}],"aliases":["CVE-2024-8096"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hrsy-694u-2fec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49261?format=json","vulnerability_id":"VCID-hudt-78dw-tkf2","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22925","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.5489","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.5496","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55017","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54956","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55006","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62207","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62217","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62281","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62224","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62222","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62174","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62228","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62235","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62218","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62173","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22925"},{"reference_url":"https://curl.se/docs/CVE-2021-22925.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22925.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1223882","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"https://hackerone.com/reports/1223882"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970902","reference_id":"1970902","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970902"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Sep/39","reference_id":"39","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Sep/39"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Sep/40","reference_id":"40","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Sep/40"},{"reference_url":"https://security.archlinux.org/ASA-202107-59","reference_id":"ASA-202107-59","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-59"},{"reference_url":"https://security.archlinux.org/ASA-202107-60","reference_id":"ASA-202107-60","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-60"},{"reference_url":"https://security.archlinux.org/ASA-202107-61","reference_id":"ASA-202107-61","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-61"},{"reference_url":"https://security.archlinux.org/ASA-202107-62","reference_id":"ASA-202107-62","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-62"},{"reference_url":"https://security.archlinux.org/ASA-202107-63","reference_id":"ASA-202107-63","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-63"},{"reference_url":"https://security.archlinux.org/ASA-202107-64","reference_id":"ASA-202107-64","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-64"},{"reference_url":"https://security.archlinux.org/AVG-2194","reference_id":"AVG-2194","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2194"},{"reference_url":"https://security.archlinux.org/AVG-2195","reference_id":"AVG-2195","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2195"},{"reference_url":"https://security.archlinux.org/AVG-2196","reference_id":"AVG-2196","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2196"},{"reference_url":"https://security.archlinux.org/AVG-2197","reference_id":"AVG-2197","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2197"},{"reference_url":"https://security.archlinux.org/AVG-2198","reference_id":"AVG-2198","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2198"},{"reference_url":"https://security.archlinux.org/AVG-2199","reference_id":"AVG-2199","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2199"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/","reference_id":"FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT212804","reference_id":"HT212804","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"https://support.apple.com/kb/HT212804"},{"reference_url":"https://support.apple.com/kb/HT212805","reference_id":"HT212805","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"https://support.apple.com/kb/HT212805"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210902-0003/","reference_id":"ntap-20210902-0003","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210902-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4511","reference_id":"RHSA-2021:4511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4511"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf","reference_id":"ssa-484086.pdf","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T16:36:17Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"},{"reference_url":"https://usn.ubuntu.com/5021-1/","reference_id":"USN-5021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5021-1/"},{"reference_url":"https://usn.ubuntu.com/5021-2/","reference_id":"USN-5021-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5021-2/"},{"reference_url":"https://usn.ubuntu.com/5894-1/","reference_id":"USN-5894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370820?format=json","purl":"pkg:generic/curl.se/curl@7.78.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0"}],"aliases":["CVE-2021-22925"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hudt-78dw-tkf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34701?format=json","vulnerability_id":"VCID-j2cq-q3r9-jfcp","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8620","reference_id":"","reference_type":"","scores":[{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74284","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.7429","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74306","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74298","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74335","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74429","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74253","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74258","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74344","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74337","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.7437","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74379","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74378","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74374","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74403","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8620"},{"reference_url":"https://curl.se/docs/CVE-2016-8620.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8620.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037192","reference_id":"1037192","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/"}],"url":"http://www.securitytracker.com/id/1037192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388382","reference_id":"1388382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388382"},{"reference_url":"http://www.securityfocus.com/bid/94102","reference_id":"94102","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/"}],"url":"http://www.securityfocus.com/bid/94102"},{"reference_url":"https://curl.haxx.se/docs/adv_20161102F.html","reference_id":"adv_20161102F.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/"}],"url":"https://curl.haxx.se/docs/adv_20161102F.html"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8620","reference_id":"show_bug.cgi?id=CVE-2016-8620","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:04:13Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8620"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8620"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2cq-q3r9-jfcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59714?format=json","vulnerability_id":"VCID-j2qx-np45-4qdu","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2486","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000257","reference_id":"","reference_type":"","scores":[{"value":"0.00863","scoring_system":"epss","scoring_elements":"0.75216","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00863","scoring_system":"epss","scoring_elements":"0.75192","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75327","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75325","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75334","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75546","published_at":"2026-05-05T12:55:00Z"},{"value":"0.009","scoring_system":"epss","scoring_elements":"0.75744","published_at":"2026-04-29T12:55:00Z"},{"value":"0.009","scoring_system":"epss","scoring_elements":"0.75728","published_at":"2026-04-24T12:55:00Z"},{"value":"0.009","scoring_system":"epss","scoring_elements":"0.75733","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.77017","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.76991","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.76996","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0109","scoring_system":"epss","scoring_elements":"0.77876","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01419","scoring_system":"epss","scoring_elements":"0.80584","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01419","scoring_system":"epss","scoring_elements":"0.80574","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01419","scoring_system":"epss","scoring_elements":"0.80545","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01419","scoring_system":"epss","scoring_elements":"0.80553","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01419","scoring_system":"epss","scoring_elements":"0.80531","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000257"},{"reference_url":"https://curl.haxx.se/docs/adv_20171023.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"https://curl.haxx.se/docs/adv_20171023.html"},{"reference_url":"https://curl.se/docs/CVE-2017-1000257.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2017-1000257.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2017/dsa-4007","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"http://www.debian.org/security/2017/dsa-4007"},{"reference_url":"http://www.securityfocus.com/bid/101519","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"http://www.securityfocus.com/bid/101519"},{"reference_url":"http://www.securitytracker.com/id/1039644","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"http://www.securitytracker.com/id/1039644"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1503705","reference_id":"1503705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1503705"},{"reference_url":"https://security.archlinux.org/ASA-201711-10","reference_id":"ASA-201711-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-10"},{"reference_url":"https://security.archlinux.org/ASA-201711-11","reference_id":"ASA-201711-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-11"},{"reference_url":"https://security.archlinux.org/ASA-201711-6","reference_id":"ASA-201711-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-6"},{"reference_url":"https://security.archlinux.org/ASA-201711-7","reference_id":"ASA-201711-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-7"},{"reference_url":"https://security.archlinux.org/ASA-201711-8","reference_id":"ASA-201711-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-8"},{"reference_url":"https://security.archlinux.org/ASA-201711-9","reference_id":"ASA-201711-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-9"},{"reference_url":"https://security.archlinux.org/AVG-462","reference_id":"AVG-462","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-462"},{"reference_url":"https://security.archlinux.org/AVG-463","reference_id":"AVG-463","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-463"},{"reference_url":"https://security.archlinux.org/AVG-464","reference_id":"AVG-464","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-464"},{"reference_url":"https://security.archlinux.org/AVG-465","reference_id":"AVG-465","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-465"},{"reference_url":"https://security.archlinux.org/AVG-466","reference_id":"AVG-466","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-466"},{"reference_url":"https://security.archlinux.org/AVG-467","reference_id":"AVG-467","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-467"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000257","reference_id":"CVE-2017-1000257","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"},{"reference_url":"https://security.gentoo.org/glsa/201712-04","reference_id":"GLSA-201712-04","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"https://security.gentoo.org/glsa/201712-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3263","reference_id":"RHSA-2017:3263","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-15T21:02:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3263"},{"reference_url":"https://usn.ubuntu.com/3441-2/","reference_id":"USN-3441-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3441-2/"},{"reference_url":"https://usn.ubuntu.com/3457-1/","reference_id":"USN-3457-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3457-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370790?format=json","purl":"pkg:generic/curl.se/curl@7.56.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-drkp-q9r5-ukcm"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.56.1"}],"aliases":["CVE-2017-1000257"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2qx-np45-4qdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49699?format=json","vulnerability_id":"VCID-jnfc-8f5d-pyh4","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000005","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55445","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55609","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55558","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55611","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5562","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55599","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55623","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55602","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5553","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55548","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55523","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55555","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5558","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.5847","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58572","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58515","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000005"},{"reference_url":"https://curl.se/docs/CVE-2018-1000005.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-1000005.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1536013","reference_id":"1536013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1536013"},{"reference_url":"https://security.archlinux.org/ASA-201801-20","reference_id":"ASA-201801-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-20"},{"reference_url":"https://security.archlinux.org/ASA-201801-22","reference_id":"ASA-201801-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-22"},{"reference_url":"https://security.archlinux.org/ASA-201801-23","reference_id":"ASA-201801-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-23"},{"reference_url":"https://security.archlinux.org/ASA-201801-24","reference_id":"ASA-201801-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-24"},{"reference_url":"https://security.archlinux.org/ASA-201801-25","reference_id":"ASA-201801-25","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-25"},{"reference_url":"https://security.archlinux.org/ASA-201801-26","reference_id":"ASA-201801-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-26"},{"reference_url":"https://security.archlinux.org/AVG-593","reference_id":"AVG-593","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-593"},{"reference_url":"https://security.archlinux.org/AVG-594","reference_id":"AVG-594","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-594"},{"reference_url":"https://security.archlinux.org/AVG-595","reference_id":"AVG-595","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-595"},{"reference_url":"https://security.archlinux.org/AVG-596","reference_id":"AVG-596","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-596"},{"reference_url":"https://security.archlinux.org/AVG-597","reference_id":"AVG-597","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-597"},{"reference_url":"https://security.archlinux.org/AVG-598","reference_id":"AVG-598","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-598"},{"reference_url":"https://security.gentoo.org/glsa/201804-04","reference_id":"GLSA-201804-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-04"},{"reference_url":"https://usn.ubuntu.com/3554-1/","reference_id":"USN-3554-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3554-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370792?format=json","purl":"pkg:generic/curl.se/curl@7.58.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.58.0"}],"aliases":["CVE-2018-1000005"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jnfc-8f5d-pyh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34702?format=json","vulnerability_id":"VCID-jqqf-gmd3-ubcd","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8621","reference_id":"","reference_type":"","scores":[{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84622","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84555","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84576","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.8458","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84601","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84627","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84608","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84639","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84638","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0226","scoring_system":"epss","scoring_elements":"0.84617","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02369","scoring_system":"epss","scoring_elements":"0.84974","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03082","scoring_system":"epss","scoring_elements":"0.86871","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03082","scoring_system":"epss","scoring_elements":"0.86853","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03165","scoring_system":"epss","scoring_elements":"0.86994","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03233","scoring_system":"epss","scoring_elements":"0.87106","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03233","scoring_system":"epss","scoring_elements":"0.87113","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03233","scoring_system":"epss","scoring_elements":"0.87112","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8621"},{"reference_url":"https://curl.se/docs/CVE-2016-8621.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8621.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037192","reference_id":"1037192","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/"}],"url":"http://www.securitytracker.com/id/1037192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388385","reference_id":"1388385","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388385"},{"reference_url":"http://www.securityfocus.com/bid/94101","reference_id":"94101","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/"}],"url":"http://www.securityfocus.com/bid/94101"},{"reference_url":"https://curl.haxx.se/docs/adv_20161102G.html","reference_id":"adv_20161102G.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/"}],"url":"https://curl.haxx.se/docs/adv_20161102G.html"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://curl.haxx.se/CVE-2016-8621.patch","reference_id":"CVE-2016-8621.patch","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/"}],"url":"https://curl.haxx.se/CVE-2016-8621.patch"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8621","reference_id":"show_bug.cgi?id=CVE-2016-8621","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:33:21Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8621"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8621"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jqqf-gmd3-ubcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34700?format=json","vulnerability_id":"VCID-jtw4-af4y-nkbk","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8619","reference_id":"","reference_type":"","scores":[{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86359","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86408","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86418","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86432","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.8643","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86425","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86441","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86446","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.8644","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86459","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86469","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86466","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.8637","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02935","scoring_system":"epss","scoring_elements":"0.86387","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03078","scoring_system":"epss","scoring_elements":"0.86844","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03078","scoring_system":"epss","scoring_elements":"0.86825","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03078","scoring_system":"epss","scoring_elements":"0.86861","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8619"},{"reference_url":"https://curl.se/docs/CVE-2016-8619.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8619.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388379","reference_id":"1388379","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388379"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8619"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jtw4-af4y-nkbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50088?format=json","vulnerability_id":"VCID-ju6h-a1sz-f7e5","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in information disclosure or data loss.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8285","reference_id":"","reference_type":"","scores":[{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73101","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73079","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73051","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72967","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73008","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.7291","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73057","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.7306","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.7305","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72922","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73011","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73018","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72942","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72968","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72994","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72973","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8285"},{"reference_url":"https://curl.se/docs/CVE-2020-8285.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://curl.se/docs/CVE-2020-8285.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1045844","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://hackerone.com/reports/1045844"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902687","reference_id":"1902687","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902687"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/51","reference_id":"51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/51"},{"reference_url":"https://github.com/curl/curl/issues/6255","reference_id":"6255","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://github.com/curl/curl/issues/6255"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162","reference_id":"977162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162"},{"reference_url":"https://security.archlinux.org/AVG-1337","reference_id":"AVG-1337","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1337"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8285","reference_id":"CVE-2020-8285","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8285"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","reference_id":"DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4881","reference_id":"dsa-4881","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://www.debian.org/security/2021/dsa-4881"},{"reference_url":"https://security.gentoo.org/glsa/202012-14","reference_id":"GLSA-202012-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://security.gentoo.org/glsa/202012-14"},{"reference_url":"https://support.apple.com/kb/HT212325","reference_id":"HT212325","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://support.apple.com/kb/HT212325"},{"reference_url":"https://support.apple.com/kb/HT212326","reference_id":"HT212326","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://support.apple.com/kb/HT212326"},{"reference_url":"https://support.apple.com/kb/HT212327","reference_id":"HT212327","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://support.apple.com/kb/HT212327"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210122-0007/","reference_id":"ntap-20210122-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","reference_id":"NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1610","reference_id":"RHSA-2021:1610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://usn.ubuntu.com/4665-1/","reference_id":"USN-4665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-1/"},{"reference_url":"https://usn.ubuntu.com/4665-2/","reference_id":"USN-4665-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370815?format=json","purl":"pkg:generic/curl.se/curl@7.74.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0"}],"aliases":["CVE-2020-8285"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ju6h-a1sz-f7e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65185?format=json","vulnerability_id":"VCID-mkyr-w79c-qqfz","summary":"curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14017","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00628","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00579","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00584","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00624","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00621","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00623","published_at":"2026-04-26T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00631","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.006","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00593","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00595","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00587","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00586","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00582","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00583","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14017"},{"reference_url":"https://curl.se/docs/CVE-2025-14017.html","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/"}],"url":"https://curl.se/docs/CVE-2025-14017.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427870","reference_id":"2427870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427870"},{"reference_url":"https://curl.se/docs/CVE-2025-14017.json","reference_id":"CVE-2025-14017.json","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/"}],"url":"https://curl.se/docs/CVE-2025-14017.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"},{"reference_url":"https://usn.ubuntu.com/8062-2/","reference_id":"USN-8062-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370670?format=json","purl":"pkg:generic/curl.se/curl@8.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-acd8-mwm2-zka5"},{"vulnerability":"VCID-amgy-dw6h-6ydf"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0"}],"aliases":["CVE-2025-14017"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyr-w79c-qqfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16992?format=json","vulnerability_id":"VCID-ms2r-94ph-yyh3","summary":"Improper Authentication\nAn authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27536","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01363","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0131","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01294","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01291","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01282","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01295","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01369","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01379","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01384","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01383","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01374","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01366","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0129","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01301","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01306","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27536"},{"reference_url":"https://curl.se/docs/CVE-2023-27536.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27536.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1895135","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://hackerone.com/reports/1895135"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179092","reference_id":"2179092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179092"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27536","reference_id":"CVE-2023-27536","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27536"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0010/","reference_id":"ntap-20230420-0010","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4523","reference_id":"RHSA-2023:4523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"},{"reference_url":"https://usn.ubuntu.com/5964-2/","reference_id":"USN-5964-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370834?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27536"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ms2r-94ph-yyh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50089?format=json","vulnerability_id":"VCID-n51k-39uk-auca","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in information disclosure or data loss.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8286","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52091","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.5205","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52054","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52092","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52139","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52157","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52113","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52154","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59638","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59564","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59662","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59683","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59697","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59717","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8286"},{"reference_url":"https://curl.se/docs/CVE-2020-8286.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://curl.se/docs/CVE-2020-8286.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1048457","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://hackerone.com/reports/1048457"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906096","reference_id":"1906096","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906096"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/50","reference_id":"50","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/50"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/51","reference_id":"51","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/51"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/54","reference_id":"54","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/54"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161","reference_id":"977161","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161"},{"reference_url":"https://security.archlinux.org/AVG-1337","reference_id":"AVG-1337","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1337"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8286","reference_id":"CVE-2020-8286","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8286"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","reference_id":"DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4881","reference_id":"dsa-4881","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://www.debian.org/security/2021/dsa-4881"},{"reference_url":"https://security.gentoo.org/glsa/202012-14","reference_id":"GLSA-202012-14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://security.gentoo.org/glsa/202012-14"},{"reference_url":"https://support.apple.com/kb/HT212325","reference_id":"HT212325","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://support.apple.com/kb/HT212325"},{"reference_url":"https://support.apple.com/kb/HT212326","reference_id":"HT212326","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://support.apple.com/kb/HT212326"},{"reference_url":"https://support.apple.com/kb/HT212327","reference_id":"HT212327","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://support.apple.com/kb/HT212327"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210122-0007/","reference_id":"ntap-20210122-0007","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","reference_id":"NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1610","reference_id":"RHSA-2021:1610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf","reference_id":"ssa-200951.pdf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf"},{"reference_url":"https://usn.ubuntu.com/4665-1/","reference_id":"USN-4665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370815?format=json","purl":"pkg:generic/curl.se/curl@7.74.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0"}],"aliases":["CVE-2020-8286"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n51k-39uk-auca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61669?format=json","vulnerability_id":"VCID-ph5u-5j8n-4qah","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22898","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31806","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31797","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31977","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31849","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31879","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31882","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31843","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3184","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3182","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31791","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3133","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31337","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3307","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33283","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33263","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22898"},{"reference_url":"https://curl.se/docs/CVE-2021-22898.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://curl.se/docs/CVE-2021-22898.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1176461","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://hackerone.com/reports/1176461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1964887","reference_id":"1964887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1964887"},{"reference_url":"https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde","reference_id":"39ce47f219b09c380b81f89fe54ac586c8db6bde","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/07/21/4","reference_id":"4","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/07/21/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228","reference_id":"989228","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989228"},{"reference_url":"https://security.archlinux.org/ASA-202106-4","reference_id":"ASA-202106-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-4"},{"reference_url":"https://security.archlinux.org/ASA-202106-5","reference_id":"ASA-202106-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-5"},{"reference_url":"https://security.archlinux.org/ASA-202106-6","reference_id":"ASA-202106-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-6"},{"reference_url":"https://security.archlinux.org/ASA-202106-7","reference_id":"ASA-202106-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-7"},{"reference_url":"https://security.archlinux.org/ASA-202106-8","reference_id":"ASA-202106-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-8"},{"reference_url":"https://security.archlinux.org/ASA-202106-9","reference_id":"ASA-202106-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-9"},{"reference_url":"https://security.archlinux.org/AVG-1995","reference_id":"AVG-1995","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1995"},{"reference_url":"https://security.archlinux.org/AVG-1996","reference_id":"AVG-1996","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1996"},{"reference_url":"https://security.archlinux.org/AVG-1997","reference_id":"AVG-1997","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1997"},{"reference_url":"https://security.archlinux.org/AVG-1998","reference_id":"AVG-1998","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1998"},{"reference_url":"https://security.archlinux.org/AVG-1999","reference_id":"AVG-1999","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1999"},{"reference_url":"https://security.archlinux.org/AVG-2000","reference_id":"AVG-2000","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2000"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/","reference_id":"FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"},{"reference_url":"https://security.gentoo.org/glsa/202105-36","reference_id":"GLSA-202105-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-36"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/","reference_id":"POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4511","reference_id":"RHSA-2021:4511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4511"},{"reference_url":"https://usn.ubuntu.com/5021-1/","reference_id":"USN-5021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5021-1/"},{"reference_url":"https://usn.ubuntu.com/5021-2/","reference_id":"USN-5021-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5021-2/"},{"reference_url":"https://usn.ubuntu.com/5894-1/","reference_id":"USN-5894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370819?format=json","purl":"pkg:generic/curl.se/curl@7.77.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.77.0"}],"aliases":["CVE-2021-22898"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ph5u-5j8n-4qah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49265?format=json","vulnerability_id":"VCID-q229-ag6u-u3hv","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22576.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22576.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22576","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50585","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50613","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56674","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.5669","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56699","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56697","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.5667","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56607","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56625","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56608","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56564","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.5661","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58028","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58012","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.5801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57955","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22576"},{"reference_url":"https://curl.se/docs/CVE-2022-22576.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-22576.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1526328","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/"}],"url":"https://hackerone.com/reports/1526328"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295","reference_id":"1010295","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010295"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2077541","reference_id":"2077541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2077541"},{"reference_url":"https://security.archlinux.org/AVG-2685","reference_id":"AVG-2685","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2685"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220609-0008/","reference_id":"ntap-20220609-0008","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-16T14:05:38Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220609-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5245","reference_id":"RHSA-2022:5245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5313","reference_id":"RHSA-2022:5313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5313"},{"reference_url":"https://usn.ubuntu.com/5397-1/","reference_id":"USN-5397-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5397-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370826?format=json","purl":"pkg:generic/curl.se/curl@7.83.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6ge5-86tg-dydf"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hjkx-6yep-mkde"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rhxh-77pj-1bfy"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v9n1-d6xt-6ubn"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0"}],"aliases":["CVE-2022-22576"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q229-ag6u-u3hv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49260?format=json","vulnerability_id":"VCID-qbpd-star-6fgn","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22923","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2068","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20522","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20593","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25766","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25937","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25784","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25738","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25626","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25674","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25683","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25978","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25816","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25868","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25879","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25838","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25782","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22923"},{"reference_url":"https://curl.se/docs/CVE-2021-22923.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22923.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1213181","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://hackerone.com/reports/1213181"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981438","reference_id":"1981438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981438"},{"reference_url":"https://security.archlinux.org/ASA-202107-59","reference_id":"ASA-202107-59","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-59"},{"reference_url":"https://security.archlinux.org/AVG-2194","reference_id":"AVG-2194","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2194"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/","reference_id":"FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210902-0003/","reference_id":"ntap-20210902-0003","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210902-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3582","reference_id":"RHSA-2021:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3903","reference_id":"RHSA-2021:3903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3903"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370820?format=json","purl":"pkg:generic/curl.se/curl@7.78.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0"}],"aliases":["CVE-2021-22923"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbpd-star-6fgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47208?format=json","vulnerability_id":"VCID-qdcn-2u3v-b3cv","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46218","reference_id":"","reference_type":"","scores":[{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60591","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60627","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60612","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60632","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60637","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60625","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.6061","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60621","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62764","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62664","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62672","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62712","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62608","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62641","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62656","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46218"},{"reference_url":"https://curl.se/docs/CVE-2023-46218.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-46218.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2212193","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/2212193"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646","reference_id":"1057646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252030","reference_id":"2252030","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252030"},{"reference_url":"https://security.gentoo.org/glsa/202409-20","reference_id":"GLSA-202409-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0434","reference_id":"RHSA-2024:0434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0452","reference_id":"RHSA-2024:0452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0585","reference_id":"RHSA-2024:0585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1129","reference_id":"RHSA-2024:1129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1316","reference_id":"RHSA-2024:1316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1317","reference_id":"RHSA-2024:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1601","reference_id":"RHSA-2024:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2092","reference_id":"RHSA-2024:2092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2093","reference_id":"RHSA-2024:2093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2094","reference_id":"RHSA-2024:2094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2094"},{"reference_url":"https://usn.ubuntu.com/6535-1/","reference_id":"USN-6535-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6535-1/"},{"reference_url":"https://usn.ubuntu.com/6641-1/","reference_id":"USN-6641-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6641-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370843?format=json","purl":"pkg:generic/curl.se/curl@8.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-176a-agbw-hqdy"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2vwu-y316-gbb2"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-b69q-9yrr-myf7"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.5.0"}],"aliases":["CVE-2023-46218"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcn-2u3v-b3cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82462?format=json","vulnerability_id":"VCID-qpfa-s6sd-8yct","summary":"curl: Windows OpenSSL engine code injection","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5443.json","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5443","reference_id":"","reference_type":"","scores":[{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76247","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76205","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76186","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76226","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76235","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76405","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76431","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76409","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76444","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76404","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76346","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.7635","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76379","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76359","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00953","scoring_system":"epss","scoring_elements":"0.76392","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.77075","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.77104","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.77125","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5443"},{"reference_url":"https://curl.se/docs/CVE-2019-5443.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2019-5443.html"},{"reference_url":"https://hackerone.com/reports/608577","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/608577"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1772100","reference_id":"1772100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1772100"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370805?format=json","purl":"pkg:generic/curl.se/curl@7.66.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0"}],"aliases":["CVE-2019-5443"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpfa-s6sd-8yct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49268?format=json","vulnerability_id":"VCID-r7bh-7wur-xffs","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27776","reference_id":"","reference_type":"","scores":[{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71748","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71623","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71649","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71654","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71636","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71685","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.7169","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71695","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71681","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71715","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71574","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71592","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71565","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71605","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71616","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.71639","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27776"},{"reference_url":"https://curl.se/docs/CVE-2022-27776.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-27776.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1547048","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/"}],"url":"https://hackerone.com/reports/1547048"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252","reference_id":"1010252","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010252"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2078408","reference_id":"2078408","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2078408"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/","reference_id":"7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/"},{"reference_url":"https://security.archlinux.org/AVG-2685","reference_id":"AVG-2685","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2685"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/","reference_id":"DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220609-0008/","reference_id":"ntap-20220609-0008","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T15:23:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220609-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5245","reference_id":"RHSA-2022:5245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5313","reference_id":"RHSA-2022:5313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5313"},{"reference_url":"https://usn.ubuntu.com/5397-1/","reference_id":"USN-5397-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5397-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370826?format=json","purl":"pkg:generic/curl.se/curl@7.83.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6ge5-86tg-dydf"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hjkx-6yep-mkde"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rhxh-77pj-1bfy"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v9n1-d6xt-6ubn"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.83.0"}],"aliases":["CVE-2022-27776"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7bh-7wur-xffs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50087?format=json","vulnerability_id":"VCID-rmez-cwu2-2ya7","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in information disclosure or data loss.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8284","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27897","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28391","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.283","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28299","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28364","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28411","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28368","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2831","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28321","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2787","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27806","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28466","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27969","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28767","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28543","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28655","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8284"},{"reference_url":"https://curl.se/docs/CVE-2020-8284.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://curl.se/docs/CVE-2020-8284.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1040166","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://hackerone.com/reports/1040166"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902667","reference_id":"1902667","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902667"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163","reference_id":"977163","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163"},{"reference_url":"https://security.archlinux.org/AVG-1337","reference_id":"AVG-1337","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1337"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","reference_id":"DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4881","reference_id":"dsa-4881","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://www.debian.org/security/2021/dsa-4881"},{"reference_url":"https://security.gentoo.org/glsa/202012-14","reference_id":"GLSA-202012-14","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://security.gentoo.org/glsa/202012-14"},{"reference_url":"https://support.apple.com/kb/HT212325","reference_id":"HT212325","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://support.apple.com/kb/HT212325"},{"reference_url":"https://support.apple.com/kb/HT212326","reference_id":"HT212326","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://support.apple.com/kb/HT212326"},{"reference_url":"https://support.apple.com/kb/HT212327","reference_id":"HT212327","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://support.apple.com/kb/HT212327"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210122-0007/","reference_id":"ntap-20210122-0007","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","reference_id":"NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1610","reference_id":"RHSA-2021:1610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://usn.ubuntu.com/4665-1/","reference_id":"USN-4665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-1/"},{"reference_url":"https://usn.ubuntu.com/4665-2/","reference_id":"USN-4665-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370815?format=json","purl":"pkg:generic/curl.se/curl@7.74.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.74.0"}],"aliases":["CVE-2020-8284"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rmez-cwu2-2ya7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354619?format=json","vulnerability_id":"VCID-rsgn-r3yp-nkb6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json"},{"reference_url":"https://curl.se/docs/CVE-2026-6253.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-6253.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3669637","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3669637"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461202","reference_id":"2461202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088653?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-6253"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsgn-r3yp-nkb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57269?format=json","vulnerability_id":"VCID-s73y-y7v7-43cm","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28322","reference_id":"","reference_type":"","scores":[{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68992","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68981","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.6893","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68987","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.6905","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68972","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.69016","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70232","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70341","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70331","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70317","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70294","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70278","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70255","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28322"},{"reference_url":"https://curl.se/docs/CVE-2023-28322.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28322.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1954658","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://hackerone.com/reports/1954658"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196793","reference_id":"2196793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196793"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/","reference_id":"F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html","reference_id":"msg00015.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4354","reference_id":"RHSA-2023:4354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5598","reference_id":"RHSA-2023:5598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0585","reference_id":"RHSA-2024:0585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1601","reference_id":"RHSA-2024:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2092","reference_id":"RHSA-2024:2092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2093","reference_id":"RHSA-2024:2093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2093"},{"reference_url":"https://usn.ubuntu.com/6237-1/","reference_id":"USN-6237-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-1/"},{"reference_url":"https://usn.ubuntu.com/6237-3/","reference_id":"USN-6237-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/","reference_id":"Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370836?format=json","purl":"pkg:generic/curl.se/curl@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0"}],"aliases":["CVE-2023-28322"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s73y-y7v7-43cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49263?format=json","vulnerability_id":"VCID-sh5a-fmna-wffr","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22946","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19491","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19311","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19228","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19401","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19479","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19335","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19382","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19373","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23261","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23143","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23277","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23299","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23204","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23322","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2322","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23365","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23154","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23227","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22946"},{"reference_url":"https://curl.se/docs/CVE-2021-22946.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22946.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1334111","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://hackerone.com/reports/1334111"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589","reference_id":"1017589","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017589"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003175","reference_id":"2003175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003175"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Mar/29","reference_id":"29","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Mar/29"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/","reference_id":"APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"},{"reference_url":"https://security.archlinux.org/AVG-2384","reference_id":"AVG-2384","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2384"},{"reference_url":"https://security.archlinux.org/AVG-2385","reference_id":"AVG-2385","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2385"},{"reference_url":"https://security.archlinux.org/AVG-2386","reference_id":"AVG-2386","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2386"},{"reference_url":"https://security.archlinux.org/AVG-2387","reference_id":"AVG-2387","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2387"},{"reference_url":"https://security.archlinux.org/AVG-2388","reference_id":"AVG-2388","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2388"},{"reference_url":"https://security.archlinux.org/AVG-2389","reference_id":"AVG-2389","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2389"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213183","reference_id":"HT213183","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://support.apple.com/kb/HT213183"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211029-0003/","reference_id":"ntap-20211029-0003","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211029-0003/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220121-0008/","reference_id":"ntap-20220121-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220121-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4059","reference_id":"RHSA-2021:4059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0635","reference_id":"RHSA-2022:0635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1354","reference_id":"RHSA-2022:1354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1354"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/","reference_id":"RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:53:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"},{"reference_url":"https://usn.ubuntu.com/5079-1/","reference_id":"USN-5079-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5079-1/"},{"reference_url":"https://usn.ubuntu.com/5079-2/","reference_id":"USN-5079-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5079-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370821?format=json","purl":"pkg:generic/curl.se/curl@7.79.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0"}],"aliases":["CVE-2021-22946"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sh5a-fmna-wffr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355415?format=json","vulnerability_id":"VCID-sshs-1k6e-cqer","summary":"","references":[{"reference_url":"https://curl.se/docs/CVE-2026-7168.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-7168.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3697719","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3697719"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088653?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-7168"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sshs-1k6e-cqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57264?format=json","vulnerability_id":"VCID-syz5-5y6f-s7er","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27534","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19813","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19651","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19728","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20068","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20126","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19854","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19933","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19988","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20007","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19963","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19904","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19882","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19887","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19885","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19779","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19772","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19742","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27534"},{"reference_url":"https://curl.se/docs/CVE-2023-27534.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27534.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1892351","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1892351"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179069","reference_id":"2179069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179069"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370834?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-tha5-fv3w-sub6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27534"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-syz5-5y6f-s7er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49264?format=json","vulnerability_id":"VCID-t4gn-9fw8-gkc3","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22947","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4862","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48594","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.486","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48683","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48657","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48718","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48532","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48616","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48666","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48656","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48671","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48714","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48641","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48662","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48665","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22947"},{"reference_url":"https://curl.se/docs/CVE-2021-22947.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22947.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1334763","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://hackerone.com/reports/1334763"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003191","reference_id":"2003191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003191"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Mar/29","reference_id":"29","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Mar/29"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/","reference_id":"APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"},{"reference_url":"https://security.archlinux.org/AVG-2384","reference_id":"AVG-2384","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2384"},{"reference_url":"https://security.archlinux.org/AVG-2385","reference_id":"AVG-2385","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2385"},{"reference_url":"https://security.archlinux.org/AVG-2386","reference_id":"AVG-2386","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2386"},{"reference_url":"https://security.archlinux.org/AVG-2387","reference_id":"AVG-2387","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2387"},{"reference_url":"https://security.archlinux.org/AVG-2388","reference_id":"AVG-2388","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2388"},{"reference_url":"https://security.archlinux.org/AVG-2389","reference_id":"AVG-2389","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2389"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213183","reference_id":"HT213183","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://support.apple.com/kb/HT213183"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211029-0003/","reference_id":"ntap-20211029-0003","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211029-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4059","reference_id":"RHSA-2021:4059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0635","reference_id":"RHSA-2022:0635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1354","reference_id":"RHSA-2022:1354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1354"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/","reference_id":"RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-28T18:31:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"},{"reference_url":"https://usn.ubuntu.com/5079-1/","reference_id":"USN-5079-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5079-1/"},{"reference_url":"https://usn.ubuntu.com/5079-2/","reference_id":"USN-5079-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5079-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370821?format=json","purl":"pkg:generic/curl.se/curl@7.79.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.79.0"}],"aliases":["CVE-2021-22947"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4gn-9fw8-gkc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34388?format=json","vulnerability_id":"VCID-tz47-j4ey-t7g6","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14618","reference_id":"","reference_type":"","scores":[{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65698","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65733","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65756","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65731","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65757","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65746","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65747","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65824","published_at":"2026-05-09T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69466","published_at":"2026-04-12T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69387","published_at":"2026-04-01T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69398","published_at":"2026-04-02T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69414","published_at":"2026-04-04T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69393","published_at":"2026-04-07T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69444","published_at":"2026-04-08T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.6946","published_at":"2026-04-09T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69481","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14618"},{"reference_url":"https://curl.se/docs/CVE-2018-14618.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-14618.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1041605","reference_id":"1041605","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"http://www.securitytracker.com/id/1041605"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1622707","reference_id":"1622707","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1622707"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327","reference_id":"908327","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908327"},{"reference_url":"https://curl.haxx.se/docs/CVE-2018-14618.html","reference_id":"CVE-2018-14618.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://curl.haxx.se/docs/CVE-2018-14618.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4286","reference_id":"dsa-4286","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://www.debian.org/security/2018/dsa-4286"},{"reference_url":"https://security.gentoo.org/glsa/201903-03","reference_id":"GLSA-201903-03","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://security.gentoo.org/glsa/201903-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1880","reference_id":"RHSA-2019:1880","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1880"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618","reference_id":"show_bug.cgi?id=CVE-2018-14618","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014","reference_id":"SNWLID-2018-0014","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"},{"reference_url":"https://usn.ubuntu.com/3765-1/","reference_id":"USN-3765-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://usn.ubuntu.com/3765-1/"},{"reference_url":"https://usn.ubuntu.com/3765-2/","reference_id":"USN-3765-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:54:10Z/"}],"url":"https://usn.ubuntu.com/3765-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370796?format=json","purl":"pkg:generic/curl.se/curl@7.61.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9cbd-x468-rkaw"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.61.1"}],"aliases":["CVE-2018-14618"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tz47-j4ey-t7g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47212?format=json","vulnerability_id":"VCID-u4bx-xqb3-vuef","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2398","reference_id":"","reference_type":"","scores":[{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81874","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81898","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81908","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81977","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81952","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81913","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81932","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83509","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83545","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83544","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83457","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83512","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83504","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.8347","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01962","scoring_system":"epss","scoring_elements":"0.83472","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/18","reference_id":"18","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/18"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/19","reference_id":"19","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/19"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/20","reference_id":"20","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270498","reference_id":"2270498","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270498"},{"reference_url":"https://hackerone.com/reports/2402845","reference_id":"2402845","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://hackerone.com/reports/2402845"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/","reference_id":"2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/27/3","reference_id":"3","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/27/3"},{"reference_url":"https://curl.se/docs/CVE-2024-2398.html","reference_id":"CVE-2024-2398.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://curl.se/docs/CVE-2024-2398.html"},{"reference_url":"https://curl.se/docs/CVE-2024-2398.json","reference_id":"CVE-2024-2398.json","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://curl.se/docs/CVE-2024-2398.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-20","reference_id":"GLSA-202409-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-20"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/","reference_id":"GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"},{"reference_url":"https://support.apple.com/kb/HT214118","reference_id":"HT214118","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://support.apple.com/kb/HT214118"},{"reference_url":"https://support.apple.com/kb/HT214119","reference_id":"HT214119","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://support.apple.com/kb/HT214119"},{"reference_url":"https://support.apple.com/kb/HT214120","reference_id":"HT214120","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://support.apple.com/kb/HT214120"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240503-0009/","reference_id":"ntap-20240503-0009","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240503-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10135","reference_id":"RHSA-2024:10135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11109","reference_id":"RHSA-2024:11109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2693","reference_id":"RHSA-2024:2693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2694","reference_id":"RHSA-2024:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3998","reference_id":"RHSA-2024:3998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5529","reference_id":"RHSA-2024:5529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5654","reference_id":"RHSA-2024:5654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7213","reference_id":"RHSA-2024:7213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7374","reference_id":"RHSA-2024:7374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7374"},{"reference_url":"https://usn.ubuntu.com/6718-1/","reference_id":"USN-6718-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-1/"},{"reference_url":"https://usn.ubuntu.com/6718-2/","reference_id":"USN-6718-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-2/"},{"reference_url":"https://usn.ubuntu.com/6718-3/","reference_id":"USN-6718-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370845?format=json","purl":"pkg:generic/curl.se/curl@8.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-176a-agbw-hqdy"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-5xp7-mcsa-uqd4"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-8m6a-ej6a-g3df"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.0"}],"aliases":["CVE-2024-2398"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4bx-xqb3-vuef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74703?format=json","vulnerability_id":"VCID-v3qf-6wju-1bg8","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16890","reference_id":"","reference_type":"","scores":[{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80353","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80347","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80373","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80362","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80391","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80402","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.8042","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80405","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80398","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80428","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80429","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80432","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80459","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80465","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80482","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80498","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.8052","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.8054","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16890"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"},{"reference_url":"https://curl.haxx.se/docs/CVE-2018-16890.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://curl.haxx.se/docs/CVE-2018-16890.html"},{"reference_url":"https://curl.se/docs/CVE-2018-16890.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2018-16890.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190315-0001/","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190315-0001/"},{"reference_url":"https://support.f5.com/csp/article/K03314397?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://support.f5.com/csp/article/K03314397?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://www.debian.org/security/2019/dsa-4386","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://www.debian.org/security/2019/dsa-4386"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"http://www.securityfocus.com/bid/106947","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"http://www.securityfocus.com/bid/106947"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1670252","reference_id":"1670252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1670252"},{"reference_url":"https://security.archlinux.org/ASA-201902-10","reference_id":"ASA-201902-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-10"},{"reference_url":"https://security.archlinux.org/ASA-201902-11","reference_id":"ASA-201902-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-11"},{"reference_url":"https://security.archlinux.org/ASA-201902-12","reference_id":"ASA-201902-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-12"},{"reference_url":"https://security.archlinux.org/ASA-201902-13","reference_id":"ASA-201902-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-13"},{"reference_url":"https://security.archlinux.org/ASA-201902-9","reference_id":"ASA-201902-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-9"},{"reference_url":"https://security.archlinux.org/AVG-873","reference_id":"AVG-873","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-873"},{"reference_url":"https://security.archlinux.org/AVG-874","reference_id":"AVG-874","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-874"},{"reference_url":"https://security.archlinux.org/AVG-875","reference_id":"AVG-875","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-875"},{"reference_url":"https://security.archlinux.org/AVG-876","reference_id":"AVG-876","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-876"},{"reference_url":"https://security.archlinux.org/AVG-877","reference_id":"AVG-877","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-877"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16890","reference_id":"CVE-2018-16890","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3701","reference_id":"RHSA-2019:3701","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3701"},{"reference_url":"https://usn.ubuntu.com/3882-1/","reference_id":"USN-3882-1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:53:28Z/"}],"url":"https://usn.ubuntu.com/3882-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370799?format=json","purl":"pkg:generic/curl.se/curl@7.64.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ac6r-spds-qbf5"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0"}],"aliases":["CVE-2018-16890"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3qf-6wju-1bg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34696?format=json","vulnerability_id":"VCID-vxpj-xygq-9be2","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8615","reference_id":"","reference_type":"","scores":[{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84774","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.8487","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84789","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84808","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.8481","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84832","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84839","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84857","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03112","scoring_system":"epss","scoring_elements":"0.86847","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04182","scoring_system":"epss","scoring_elements":"0.88778","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04182","scoring_system":"epss","scoring_elements":"0.88766","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04231","scoring_system":"epss","scoring_elements":"0.88809","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04231","scoring_system":"epss","scoring_elements":"0.88802","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04231","scoring_system":"epss","scoring_elements":"0.88808","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04293","scoring_system":"epss","scoring_elements":"0.88907","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8615"},{"reference_url":"https://curl.se/docs/CVE-2016-8615.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8615.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037192","reference_id":"1037192","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/"}],"url":"http://www.securitytracker.com/id/1037192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388370","reference_id":"1388370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388370"},{"reference_url":"http://www.securityfocus.com/bid/94096","reference_id":"94096","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/"}],"url":"http://www.securityfocus.com/bid/94096"},{"reference_url":"https://curl.haxx.se/docs/adv_20161102A.html","reference_id":"adv_20161102A.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/"}],"url":"https://curl.haxx.se/docs/adv_20161102A.html"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://curl.haxx.se/CVE-2016-8615.patch","reference_id":"CVE-2016-8615.patch","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/"}],"url":"https://curl.haxx.se/CVE-2016-8615.patch"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615","reference_id":"show_bug.cgi?id=CVE-2016-8615","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:35:21Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8615"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8615"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vxpj-xygq-9be2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34699?format=json","vulnerability_id":"VCID-vyk2-s5ut-ubbz","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8618","reference_id":"","reference_type":"","scores":[{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.81967","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82031","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82051","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.8204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82033","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82069","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.8207","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82092","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82104","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82107","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.81978","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.81997","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01654","scoring_system":"epss","scoring_elements":"0.82024","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01679","scoring_system":"epss","scoring_elements":"0.82305","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01679","scoring_system":"epss","scoring_elements":"0.82282","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01679","scoring_system":"epss","scoring_elements":"0.82261","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8618"},{"reference_url":"https://curl.se/docs/CVE-2016-8618.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8618.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388378","reference_id":"1388378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388378"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8618"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vyk2-s5ut-ubbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34394?format=json","vulnerability_id":"VCID-w8ks-xk66-r3fm","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3823.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3823","reference_id":"","reference_type":"","scores":[{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82212","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82201","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82178","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82175","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82137","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82144","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82083","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82104","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82126","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82134","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82071","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01673","scoring_system":"epss","scoring_elements":"0.82215","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01908","scoring_system":"epss","scoring_elements":"0.8342","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01908","scoring_system":"epss","scoring_elements":"0.83379","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01908","scoring_system":"epss","scoring_elements":"0.834","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3823"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf"},{"reference_url":"https://curl.haxx.se/docs/CVE-2019-3823.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://curl.haxx.se/docs/CVE-2019-3823.html"},{"reference_url":"https://curl.se/docs/CVE-2019-3823.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2019-3823.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190315-0001/","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190315-0001/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4386","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://www.debian.org/security/2019/dsa-4386"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"http://www.securityfocus.com/bid/106950","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"http://www.securityfocus.com/bid/106950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1670256","reference_id":"1670256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1670256"},{"reference_url":"https://security.archlinux.org/ASA-201902-10","reference_id":"ASA-201902-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-10"},{"reference_url":"https://security.archlinux.org/ASA-201902-11","reference_id":"ASA-201902-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-11"},{"reference_url":"https://security.archlinux.org/ASA-201902-12","reference_id":"ASA-201902-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-12"},{"reference_url":"https://security.archlinux.org/ASA-201902-13","reference_id":"ASA-201902-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-13"},{"reference_url":"https://security.archlinux.org/ASA-201902-9","reference_id":"ASA-201902-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-9"},{"reference_url":"https://security.archlinux.org/AVG-873","reference_id":"AVG-873","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-873"},{"reference_url":"https://security.archlinux.org/AVG-874","reference_id":"AVG-874","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-874"},{"reference_url":"https://security.archlinux.org/AVG-875","reference_id":"AVG-875","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-875"},{"reference_url":"https://security.archlinux.org/AVG-876","reference_id":"AVG-876","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-876"},{"reference_url":"https://security.archlinux.org/AVG-877","reference_id":"AVG-877","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-877"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3823","reference_id":"CVE-2019-3823","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3823"},{"reference_url":"https://security.gentoo.org/glsa/201903-03","reference_id":"GLSA-201903-03","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://security.gentoo.org/glsa/201903-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3701","reference_id":"RHSA-2019:3701","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3701"},{"reference_url":"https://usn.ubuntu.com/3882-1/","reference_id":"USN-3882-1","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:52:04Z/"}],"url":"https://usn.ubuntu.com/3882-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370799?format=json","purl":"pkg:generic/curl.se/curl@7.64.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-ac6r-spds-qbf5"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.64.0"}],"aliases":["CVE-2019-3823"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w8ks-xk66-r3fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59717?format=json","vulnerability_id":"VCID-wrh2-77dv-hbdz","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8817","reference_id":"","reference_type":"","scores":[{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73097","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.7316","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73182","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.7309","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73545","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73534","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73535","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73543","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00852","scoring_system":"epss","scoring_elements":"0.74905","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00852","scoring_system":"epss","scoring_elements":"0.74941","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00852","scoring_system":"epss","scoring_elements":"0.74919","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00852","scoring_system":"epss","scoring_elements":"0.7491","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00852","scoring_system":"epss","scoring_elements":"0.74872","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00852","scoring_system":"epss","scoring_elements":"0.74918","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00949","scoring_system":"epss","scoring_elements":"0.76325","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00949","scoring_system":"epss","scoring_elements":"0.76291","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00949","scoring_system":"epss","scoring_elements":"0.76294","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00981","scoring_system":"epss","scoring_elements":"0.76812","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8817"},{"reference_url":"https://curl.haxx.se/docs/adv_2017-ae72.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"https://curl.haxx.se/docs/adv_2017-ae72.html"},{"reference_url":"https://curl.se/docs/CVE-2017-8817.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2017-8817.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817"},{"reference_url":"http://security.cucumberlinux.com/security/details.php?id=162","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"http://security.cucumberlinux.com/security/details.php?id=162"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"},{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4051","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"https://www.debian.org/security/2017/dsa-4051"},{"reference_url":"http://www.securityfocus.com/bid/102057","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"http://www.securityfocus.com/bid/102057"},{"reference_url":"http://www.securitytracker.com/id/1039897","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"http://www.securitytracker.com/id/1039897"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1515760","reference_id":"1515760","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1515760"},{"reference_url":"https://security.archlinux.org/ASA-201711-33","reference_id":"ASA-201711-33","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-33"},{"reference_url":"https://security.archlinux.org/ASA-201711-34","reference_id":"ASA-201711-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-34"},{"reference_url":"https://security.archlinux.org/ASA-201711-35","reference_id":"ASA-201711-35","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-35"},{"reference_url":"https://security.archlinux.org/ASA-201711-36","reference_id":"ASA-201711-36","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-36"},{"reference_url":"https://security.archlinux.org/ASA-201711-37","reference_id":"ASA-201711-37","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-37"},{"reference_url":"https://security.archlinux.org/ASA-201711-38","reference_id":"ASA-201711-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-38"},{"reference_url":"https://security.archlinux.org/AVG-521","reference_id":"AVG-521","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-521"},{"reference_url":"https://security.archlinux.org/AVG-522","reference_id":"AVG-522","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-522"},{"reference_url":"https://security.archlinux.org/AVG-523","reference_id":"AVG-523","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-523"},{"reference_url":"https://security.archlinux.org/AVG-524","reference_id":"AVG-524","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-524"},{"reference_url":"https://security.archlinux.org/AVG-525","reference_id":"AVG-525","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-525"},{"reference_url":"https://security.archlinux.org/AVG-526","reference_id":"AVG-526","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-526"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8817","reference_id":"CVE-2017-8817","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8817"},{"reference_url":"https://security.gentoo.org/glsa/201712-04","reference_id":"GLSA-201712-04","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:59:34Z/"}],"url":"https://security.gentoo.org/glsa/201712-04"},{"reference_url":"https://usn.ubuntu.com/3498-1/","reference_id":"USN-3498-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3498-1/"},{"reference_url":"https://usn.ubuntu.com/3498-2/","reference_id":"USN-3498-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3498-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370791?format=json","purl":"pkg:generic/curl.se/curl@7.57.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-dhrf-2sz5-3bhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-krgt-drpz-y7cy"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vr9x-yqsd-6fc8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.57.0"}],"aliases":["CVE-2017-8817"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrh2-77dv-hbdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47225?format=json","vulnerability_id":"VCID-wwam-tcmv-kqhc","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which may lead to arbitrary code execution.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5482.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5482","reference_id":"","reference_type":"","scores":[{"value":"0.06912","scoring_system":"epss","scoring_elements":"0.91427","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06912","scoring_system":"epss","scoring_elements":"0.91423","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06912","scoring_system":"epss","scoring_elements":"0.91403","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06912","scoring_system":"epss","scoring_elements":"0.91402","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06912","scoring_system":"epss","scoring_elements":"0.91424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07088","scoring_system":"epss","scoring_elements":"0.91546","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07088","scoring_system":"epss","scoring_elements":"0.91547","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07088","scoring_system":"epss","scoring_elements":"0.91549","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92327","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.9225","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92257","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92262","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92265","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92277","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92281","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92286","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08332","scoring_system":"epss","scoring_elements":"0.92319","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0854","scoring_system":"epss","scoring_elements":"0.92415","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5482"},{"reference_url":"https://curl.haxx.se/docs/CVE-2019-5482.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://curl.haxx.se/docs/CVE-2019-5482.html"},{"reference_url":"https://curl.se/docs/CVE-2019-5482.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2019-5482.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/684603","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/684603"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/"},{"reference_url":"https://seclists.org/bugtraq/2020/Feb/36","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://seclists.org/bugtraq/2020/Feb/36"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191004-0003/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20191004-0003/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200416-0003/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200416-0003/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4633","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://www.debian.org/security/2020/dsa-4633"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749652","reference_id":"1749652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749652"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010","reference_id":"940010","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940010"},{"reference_url":"https://security.archlinux.org/AVG-1982","reference_id":"AVG-1982","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1982"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_essbase:11.1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:oss_support_tools:20.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:oss_support_tools:20.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:oss_support_tools:20.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5482","reference_id":"CVE-2019-5482","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5482"},{"reference_url":"https://security.gentoo.org/glsa/202003-29","reference_id":"GLSA-202003-29","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:55:46Z/"}],"url":"https://security.gentoo.org/glsa/202003-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0250","reference_id":"RHSA-2020:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1792","reference_id":"RHSA-2020:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3916","reference_id":"RHSA-2020:3916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0759","reference_id":"RHSA-2021:0759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0877","reference_id":"RHSA-2021:0877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1027","reference_id":"RHSA-2021:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1027"},{"reference_url":"https://usn.ubuntu.com/4129-1/","reference_id":"USN-4129-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4129-1/"},{"reference_url":"https://usn.ubuntu.com/4129-2/","reference_id":"USN-4129-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4129-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370805?format=json","purl":"pkg:generic/curl.se/curl@7.66.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j5s3-rr74-nqb8"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.66.0"}],"aliases":["CVE-2019-5482"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wwam-tcmv-kqhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96485?format=json","vulnerability_id":"VCID-x57x-w8g8-7ybz","summary":"When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14524","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07444","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07222","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0715","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07127","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07251","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07226","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07218","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07372","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07177","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07151","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07206","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07234","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14524"},{"reference_url":"https://curl.se/docs/CVE-2025-14524.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://curl.se/docs/CVE-2025-14524.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3459417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://hackerone.com/reports/3459417"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426407","reference_id":"2426407","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426407"},{"reference_url":"https://curl.se/docs/CVE-2025-14524.json","reference_id":"CVE-2025-14524.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://curl.se/docs/CVE-2025-14524.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370670?format=json","purl":"pkg:generic/curl.se/curl@8.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-acd8-mwm2-zka5"},{"vulnerability":"VCID-amgy-dw6h-6ydf"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0"}],"aliases":["CVE-2025-14524"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x57x-w8g8-7ybz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11000?format=json","vulnerability_id":"VCID-y32p-52ps-4ug4","summary":"Use of Incorrectly-Resolved Name or Reference\nlibcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function does not take `issuercert` into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn't include the `issuer cert` which a transfer can set to qualify how to verify the server certificate.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22924.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22924","reference_id":"","reference_type":"","scores":[{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73012","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73042","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73203","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73181","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73155","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.7316","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73161","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73147","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73016","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73021","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73053","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73066","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.7311","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73117","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73107","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73064","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.7307","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73091","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22924"},{"reference_url":"https://curl.se/docs/CVE-2021-22924.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22924.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1223565","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://hackerone.com/reports/1223565"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981460","reference_id":"1981460","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981460"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492","reference_id":"991492","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991492"},{"reference_url":"https://security.archlinux.org/ASA-202107-59","reference_id":"ASA-202107-59","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-59"},{"reference_url":"https://security.archlinux.org/ASA-202107-60","reference_id":"ASA-202107-60","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-60"},{"reference_url":"https://security.archlinux.org/ASA-202107-61","reference_id":"ASA-202107-61","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-61"},{"reference_url":"https://security.archlinux.org/ASA-202107-62","reference_id":"ASA-202107-62","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-62"},{"reference_url":"https://security.archlinux.org/ASA-202107-63","reference_id":"ASA-202107-63","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-63"},{"reference_url":"https://security.archlinux.org/ASA-202107-64","reference_id":"ASA-202107-64","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-64"},{"reference_url":"https://security.archlinux.org/AVG-2194","reference_id":"AVG-2194","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2194"},{"reference_url":"https://security.archlinux.org/AVG-2195","reference_id":"AVG-2195","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2195"},{"reference_url":"https://security.archlinux.org/AVG-2196","reference_id":"AVG-2196","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2196"},{"reference_url":"https://security.archlinux.org/AVG-2197","reference_id":"AVG-2197","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2197"},{"reference_url":"https://security.archlinux.org/AVG-2198","reference_id":"AVG-2198","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2198"},{"reference_url":"https://security.archlinux.org/AVG-2199","reference_id":"AVG-2199","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2199"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22924","reference_id":"CVE-2021-22924","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22924"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/","reference_id":"FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210902-0003/","reference_id":"ntap-20210902-0003","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210902-0003/"},{"reference_url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E","reference_id":"r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E","reference_id":"r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E","reference_id":"rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E","reference_id":"rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3582","reference_id":"RHSA-2021:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1354","reference_id":"RHSA-2022:1354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1354"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf","reference_id":"ssa-484086.pdf","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf","reference_id":"ssa-732250.pdf","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:35:55Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"},{"reference_url":"https://usn.ubuntu.com/5021-1/","reference_id":"USN-5021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5021-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370820?format=json","purl":"pkg:generic/curl.se/curl@7.78.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bdy2-8gub-tfe6"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.78.0"}],"aliases":["CVE-2021-22924"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y32p-52ps-4ug4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49277?format=json","vulnerability_id":"VCID-y4x5-n5m2-x7bq","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32208","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33699","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34188","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33815","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33792","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33706","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33587","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33656","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37916","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37863","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37884","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37837","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37942","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37819","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37883","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37898","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32208"},{"reference_url":"https://curl.se/docs/CVE-2022-32208.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-32208.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1590071","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"https://hackerone.com/reports/1590071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2099306","reference_id":"2099306","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2099306"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Oct/28","reference_id":"28","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Oct/28"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Oct/41","reference_id":"41","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Oct/41"},{"reference_url":"https://security.archlinux.org/AVG-2817","reference_id":"AVG-2817","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2817"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/","reference_id":"BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5197","reference_id":"dsa-5197","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"https://www.debian.org/security/2022/dsa-5197"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213488","reference_id":"HT213488","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"https://support.apple.com/kb/HT213488"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0003/","reference_id":"ntap-20220915-0003","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:50Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220915-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6157","reference_id":"RHSA-2022:6157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6159","reference_id":"RHSA-2022:6159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5495-1/","reference_id":"USN-5495-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5495-1/"},{"reference_url":"https://usn.ubuntu.com/5499-1/","reference_id":"USN-5499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370828?format=json","purl":"pkg:generic/curl.se/curl@7.84.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-4e1k-7bj9-hfch"},{"vulnerability":"VCID-4gze-cwtp-2bgr"},{"vulnerability":"VCID-4seq-hvbx-7fg8"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bz4u-6rft-s3a8"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-ej47-4dcu-5fhy"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-m15r-v9sr-2bbn"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-pwn6-j8vf-rufk"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-rg54-svzj-x7f9"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t9p4-2x7v-yfaq"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-wgma-bycg-1qb1"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xpss-yndr-mycj"},{"vulnerability":"VCID-yaas-j3qk-kfdg"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.84.0"}],"aliases":["CVE-2022-32208"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4x5-n5m2-x7bq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354621?format=json","vulnerability_id":"VCID-ydcp-ufa5-rqhd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json"},{"reference_url":"https://curl.se/docs/CVE-2026-6429.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-6429.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3677759","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3677759"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461205","reference_id":"2461205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088653?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-6429"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ydcp-ufa5-rqhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50086?format=json","vulnerability_id":"VCID-yvdd-ataf-ckf1","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could result in information disclosure or data loss.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8231","reference_id":"","reference_type":"","scores":[{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36408","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36844","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36827","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36769","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36542","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36511","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36422","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36307","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.3638","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36823","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44761","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44858","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44875","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44863","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44803","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44855","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8231"},{"reference_url":"https://curl.se/docs/CVE-2020-8231.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2020-8231.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/948876","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/948876"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1868032","reference_id":"1868032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1868032"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831","reference_id":"968831","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968831"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8231","reference_id":"CVE-2020-8231","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8231"},{"reference_url":"https://security.gentoo.org/glsa/202012-14","reference_id":"GLSA-202012-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1610","reference_id":"RHSA-2021:1610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1610"},{"reference_url":"https://usn.ubuntu.com/4466-1/","reference_id":"USN-4466-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4466-1/"},{"reference_url":"https://usn.ubuntu.com/4466-2/","reference_id":"USN-4466-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4466-2/"},{"reference_url":"https://usn.ubuntu.com/4665-1/","reference_id":"USN-4665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370813?format=json","purl":"pkg:generic/curl.se/curl@7.72.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-d3s1-3qs7-2uhw"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-frgg-29yv-dyf7"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-gv7x-j8bz-wycc"},{"vulnerability":"VCID-hayq-ra35-myf3"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-n57n-cymy-z7dr"},{"vulnerability":"VCID-nvzd-v3bs-6qek"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpux-jh6k-8qhx"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t1fk-cbsx-j3gh"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-t8t6-9wa3-aub7"},{"vulnerability":"VCID-tcqe-7skm-b3fz"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-vbbv-k1r7-kkas"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-xzay-sjpy-3yce"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.72.0"}],"aliases":["CVE-2020-8231"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yvdd-ataf-ckf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34706?format=json","vulnerability_id":"VCID-yxks-8529-23bj","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8625","reference_id":"","reference_type":"","scores":[{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81219","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.8125","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81228","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81251","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81278","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81304","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.8129","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.8132","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81322","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81344","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81351","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01526","scoring_system":"epss","scoring_elements":"0.81356","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01549","scoring_system":"epss","scoring_elements":"0.815","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01549","scoring_system":"epss","scoring_elements":"0.81542","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01549","scoring_system":"epss","scoring_elements":"0.8152","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8625"},{"reference_url":"https://curl.se/docs/CVE-2016-8625.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8625.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388392","reference_id":"1388392","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388392"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8625"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxks-8529-23bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34698?format=json","vulnerability_id":"VCID-zxz2-xfpd-pbay","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8617","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19575","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19573","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19491","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19517","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19482","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19763","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19488","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19623","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23949","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24074","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24007","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24248","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24209","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24389","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8617"},{"reference_url":"https://curl.se/docs/CVE-2016-8617.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-8617.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037192","reference_id":"1037192","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/"}],"url":"http://www.securitytracker.com/id/1037192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388377","reference_id":"1388377","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388377"},{"reference_url":"http://www.securityfocus.com/bid/94097","reference_id":"94097","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/"}],"url":"http://www.securityfocus.com/bid/94097"},{"reference_url":"https://curl.haxx.se/docs/adv_20161102C.html","reference_id":"adv_20161102C.html","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/"}],"url":"https://curl.haxx.se/docs/adv_20161102C.html"},{"reference_url":"https://security.archlinux.org/ASA-201611-10","reference_id":"ASA-201611-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-10"},{"reference_url":"https://security.archlinux.org/ASA-201611-4","reference_id":"ASA-201611-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-4"},{"reference_url":"https://security.archlinux.org/ASA-201611-5","reference_id":"ASA-201611-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-5"},{"reference_url":"https://security.archlinux.org/ASA-201611-7","reference_id":"ASA-201611-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-7"},{"reference_url":"https://security.archlinux.org/ASA-201611-8","reference_id":"ASA-201611-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-8"},{"reference_url":"https://security.archlinux.org/ASA-201611-9","reference_id":"ASA-201611-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-9"},{"reference_url":"https://security.archlinux.org/AVG-60","reference_id":"AVG-60","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-60"},{"reference_url":"https://security.archlinux.org/AVG-61","reference_id":"AVG-61","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-61"},{"reference_url":"https://security.archlinux.org/AVG-62","reference_id":"AVG-62","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-62"},{"reference_url":"https://security.archlinux.org/AVG-63","reference_id":"AVG-63","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-63"},{"reference_url":"https://security.archlinux.org/AVG-65","reference_id":"AVG-65","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-65"},{"reference_url":"https://security.archlinux.org/AVG-66","reference_id":"AVG-66","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-66"},{"reference_url":"https://curl.haxx.se/CVE-2016-8617.patch","reference_id":"CVE-2016-8617.patch","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/"}],"url":"https://curl.haxx.se/CVE-2016-8617.patch"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/"}],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8617","reference_id":"show_bug.cgi?id=CVE-2016-8617","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:31:30Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8617"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370780?format=json","purl":"pkg:generic/curl.se/curl@7.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.51.0"}],"aliases":["CVE-2016-8617"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zxz2-xfpd-pbay"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34695?format=json","vulnerability_id":"VCID-k8kj-q1je-f7bt","summary":"Multiple vulnerabilities have been found in cURL, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7167","reference_id":"","reference_type":"","scores":[{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84725","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84681","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84708","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84631","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84766","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84765","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84666","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84667","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84689","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84715","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.8471","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84704","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84726","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84727","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84729","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02289","scoring_system":"epss","scoring_elements":"0.84756","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7167"},{"reference_url":"https://curl.se/docs/CVE-2016-7167.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2016-7167.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375906","reference_id":"1375906","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945","reference_id":"837945","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837945"},{"reference_url":"https://security.archlinux.org/ASA-201609-18","reference_id":"ASA-201609-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-18"},{"reference_url":"https://security.archlinux.org/ASA-201609-19","reference_id":"ASA-201609-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-19"},{"reference_url":"https://security.archlinux.org/AVG-20","reference_id":"AVG-20","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-20"},{"reference_url":"https://security.archlinux.org/AVG-21","reference_id":"AVG-21","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-21"},{"reference_url":"https://security.gentoo.org/glsa/201701-47","reference_id":"GLSA-201701-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2016","reference_id":"RHSA-2017:2016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2016"},{"reference_url":"https://usn.ubuntu.com/3123-1/","reference_id":"USN-3123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3123-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370779?format=json","purl":"pkg:generic/curl.se/curl@7.50.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k8f-qgcv-xkhb"},{"vulnerability":"VCID-1mf9-u8y1-zbb1"},{"vulnerability":"VCID-26ju-84rx-c7b9"},{"vulnerability":"VCID-29n1-4u2b-tkgj"},{"vulnerability":"VCID-2b39-ubrt-hkc6"},{"vulnerability":"VCID-2cx5-1qnw-uufj"},{"vulnerability":"VCID-2xmp-jc8v-bucb"},{"vulnerability":"VCID-3qck-hm3c-tqaq"},{"vulnerability":"VCID-3sy2-4f3g-zkac"},{"vulnerability":"VCID-47qb-2qkw-1qej"},{"vulnerability":"VCID-56wg-yafz-gkgx"},{"vulnerability":"VCID-5jan-pqf6-fyhr"},{"vulnerability":"VCID-5n7a-9j23-e7dj"},{"vulnerability":"VCID-6muy-xpdq-9kg8"},{"vulnerability":"VCID-6we4-n888-6qhe"},{"vulnerability":"VCID-6yb7-t8qs-cbch"},{"vulnerability":"VCID-75nw-4e2d-zqgg"},{"vulnerability":"VCID-79sv-kzb5-hbc4"},{"vulnerability":"VCID-7srk-hshe-h3f4"},{"vulnerability":"VCID-7vt9-pf5q-uqb6"},{"vulnerability":"VCID-8zks-th64-33b8"},{"vulnerability":"VCID-9ggp-5wfj-ufcq"},{"vulnerability":"VCID-9nak-pscy-e7gs"},{"vulnerability":"VCID-a9b6-m25r-kygw"},{"vulnerability":"VCID-ae59-w7a1-7keg"},{"vulnerability":"VCID-arjz-67yz-wkg9"},{"vulnerability":"VCID-bb2f-7qrm-1kca"},{"vulnerability":"VCID-bgdk-ebn7-eycn"},{"vulnerability":"VCID-bhvd-ntxz-dkg4"},{"vulnerability":"VCID-bv57-gvfs-qfhj"},{"vulnerability":"VCID-c6dk-7gj6-7far"},{"vulnerability":"VCID-cbah-e86c-w3fj"},{"vulnerability":"VCID-cbph-fu9d-gbah"},{"vulnerability":"VCID-cp4n-p2z3-43b4"},{"vulnerability":"VCID-dc3c-3wab-57gh"},{"vulnerability":"VCID-ddgz-rczw-jqfw"},{"vulnerability":"VCID-dgtq-eaav-jyhf"},{"vulnerability":"VCID-e58m-g37d-9fd6"},{"vulnerability":"VCID-etzn-uhck-h7b2"},{"vulnerability":"VCID-fnj3-2du1-4bhx"},{"vulnerability":"VCID-fp65-97n1-xuaj"},{"vulnerability":"VCID-g4jw-azg9-gqbs"},{"vulnerability":"VCID-ggt7-eejg-xfb6"},{"vulnerability":"VCID-gnx2-djyk-uyaf"},{"vulnerability":"VCID-hj8v-tgnn-mfdw"},{"vulnerability":"VCID-hrsy-694u-2fec"},{"vulnerability":"VCID-hudt-78dw-tkf2"},{"vulnerability":"VCID-j2cq-q3r9-jfcp"},{"vulnerability":"VCID-j2qx-np45-4qdu"},{"vulnerability":"VCID-jnfc-8f5d-pyh4"},{"vulnerability":"VCID-jqqf-gmd3-ubcd"},{"vulnerability":"VCID-jtw4-af4y-nkbk"},{"vulnerability":"VCID-ju6h-a1sz-f7e5"},{"vulnerability":"VCID-mkyr-w79c-qqfz"},{"vulnerability":"VCID-ms2r-94ph-yyh3"},{"vulnerability":"VCID-n51k-39uk-auca"},{"vulnerability":"VCID-ph5u-5j8n-4qah"},{"vulnerability":"VCID-q229-ag6u-u3hv"},{"vulnerability":"VCID-qbpd-star-6fgn"},{"vulnerability":"VCID-qdcn-2u3v-b3cv"},{"vulnerability":"VCID-qpfa-s6sd-8yct"},{"vulnerability":"VCID-r7bh-7wur-xffs"},{"vulnerability":"VCID-rmez-cwu2-2ya7"},{"vulnerability":"VCID-rsgn-r3yp-nkb6"},{"vulnerability":"VCID-s73y-y7v7-43cm"},{"vulnerability":"VCID-sh5a-fmna-wffr"},{"vulnerability":"VCID-sshs-1k6e-cqer"},{"vulnerability":"VCID-syz5-5y6f-s7er"},{"vulnerability":"VCID-t4gn-9fw8-gkc3"},{"vulnerability":"VCID-tz47-j4ey-t7g6"},{"vulnerability":"VCID-u4bx-xqb3-vuef"},{"vulnerability":"VCID-v3qf-6wju-1bg8"},{"vulnerability":"VCID-vxpj-xygq-9be2"},{"vulnerability":"VCID-vyk2-s5ut-ubbz"},{"vulnerability":"VCID-w8ks-xk66-r3fm"},{"vulnerability":"VCID-wrh2-77dv-hbdz"},{"vulnerability":"VCID-wwam-tcmv-kqhc"},{"vulnerability":"VCID-x57x-w8g8-7ybz"},{"vulnerability":"VCID-y32p-52ps-4ug4"},{"vulnerability":"VCID-y4x5-n5m2-x7bq"},{"vulnerability":"VCID-ydcp-ufa5-rqhd"},{"vulnerability":"VCID-yvdd-ataf-ckf1"},{"vulnerability":"VCID-yxks-8529-23bj"},{"vulnerability":"VCID-zxz2-xfpd-pbay"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.3"}],"aliases":["CVE-2016-7167"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8kj-q1je-f7bt"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.50.3"}